Department of Homeland Security Daily Open Source Infrastructure Report

Friday, October 16, 2009

Top Stories

 According to the Los Angeles Daily News, the Governor of California signed Senate Bill 24 to let the FBI continue to closely track the lifting of entire big-rig containers from the Port of Los Angeles and Port of Long Beach. The FBI says $15 billion to $30 billion worth of goods gets heisted nationwide each year, with about $5 billion to $10 billion of that vanishing in Los Angeles every year. (See item 13)

13. October 14, Los Angeles Daily News – (California) Secret criminal billionaires: Big-rig cargo thefts are hitting L.A.’s port. Huge big-rigs are quietly vanishing from the Port of Los Angeles and Port of Long Beach regularly, their cargo whisked away by sophisticated crime teams using regional leaders, fencers, “lumpers” and drivers who hijack the entire big-rig container, each stuffed with goods worth between $12,000 and as much as $3 million — in, say, iPhones. That is per big-rig container. California’s governor signed Senate Bill 24 to let the Federal Bureau of Investigation (FBI) and others continue to closely track, separately from other kinds of thefts, the lifting of containers, as the locals and the feds try to figure out how these criminal rings are so easily getting past security at the ports (insider corruption comes to mind). The FBI says $15 billion to $30 billion gets heisted nationwide each year — that is that they know of — and the math appears to suggest that about $5 billion to $10 billion of that is vanishing in Los Angeles every year. It is unnerving that a large number of jobs related to the port involve “a specialist who is expert at foiling the anti-theft locks on truck trailers,” as the legislative analysis of the bill the governor signed seems to suggest. The ports are highly sensitive places filled with gigantic oil tanks, big piles of chemicals, and other explosive materials. Source:

 The San Antonio Express-News reports that carbon monoxide leaked into a San Antonio, Texas Water System sewer line Wednesday morning, causing five people at a nearby Northeast Side business to suffer headaches and nausea, officials said. (See item 15)

15. October 14, San Antonio Express-News – (Texas) Carbon monoxide sickens two at Northeast Side business. Carbon monoxide leaked into a San Antonio Water System (SAWS) sewer line Wednesday morning, causing five people at a nearby Northeast Side business to suffer headaches and nausea, officials said. “We’re going to investigate this further, because it is not normal to have carbon monoxide in sewer lines,” said a SAWS spokeswoman. Employees at Builders Flooring in the 3800 block of Binz Engleman Road began to feel ill soon after they came into work, said the owner. Around 8 a.m., he called SAWS, whose crew took an air reading and told him they found noxious fumes present, he said. When he called the Metropolitan Health District for advice, officials “told us to vacate the building immediately,” he said. Nearly 20 San Antonio firefighters, paramedics and members of the department’s hazardous materials team arrived at the business around 10 a.m., said the department’s battalion chief. He said the hazardous materials team detected carbon monoxide in the sewer. While five employees complained of feeling sick, only two women sought medical treatment, he said. The women said they received oxygen and immediately felt better; neither was hospitalized. The owner said he’s smelled the odor, which SAWS officials said is hydrogen sulfide, in the past two years, but Wednesday’s fumes were more intense than ever. By noon, employees were let back into the building. Crews have tested the line before and are installing backwater valves to prevent hydrogen sulfide from escaping in the future. Meanwhile, SAWS crews will investigate the source of the carbon monoxide leak, which may have been caused by illicit dumping in the area. Source:


Banking and Finance Sector

7. October 15, Blue Ridge Times News – (National) New rivals pose threat to New York Stock Exchange. Even as the Dow Jones industrial average topped 10,000 for the first time since the financial crisis sent it tumbling, the New York Stock Exchange and its hometown face an unsettling truth: the Big Board, the symbolic heart of New York’s financial industry, is getting smaller. Young, fast-moving rivals are splintering its public marketplace and creating private markets that, their critics say, give big banks and investment funds an edge over ordinary investors. Some of the new trading venues, “dark pools,” the industry calls them, are all but invisible, even to regulators. These stealth markets enable sophisticated traders to buy and sell large blocks of stock in secrecy at lightning speed, a practice that has drawn scrutiny from the Securities and Exchange Commission. While the exchange has been under assault since the beginning of the decade, its decline has accelerated in recent years as aggressive competitors have emerged. Currently, 36 percent of daily trades in stocks that are listed on the New York Stock Exchange are actually executed on the exchange, down from about 75 percent nearly four years ago. The rest are conducted elsewhere, on new electronic exchanges or through dark pools. Source:

8. October 15, Dow Jones Newswires – (National) FDIC, OCC see bank woes continuing. The woes for the U.S. banking industry are expected to continue for some time, top regulators told a U.S. Senate committee on October 14, exacerbated by ongoing and expected problems in the commercial real estate sector. “We expect the number of problem institutions to increase and bank failures to remain high for the next several quarters,” the Federal Deposit Insurance Corp. chairman said in testimony before the Senate Banking Committee. The chairman and the Comptroller of the Currency said there are some initial signs that the economy may be stabilizing, a good sign for banks, but warned that problems for U.S. banks are likely to lag any recovery. “Credit quality is continuing to deteriorate across almost all classes of banking assets in nearly all sizes of banks,” the Comptroller said in his prepared remarks. The negative outlook provided by regulators comes as lawmakers are engaged in a high-stakes battle to overhaul oversight of the financial system. The continued problems facing banks, as well as the expectation that more problems could arise, could affect those efforts. The Comptroller said the “vast majority” of national banks will have the financial capacity to withstand the declining quality of assets in their portfolios. But he warned that commercial real estate bets made in past years have yet to come due for many institutions. Source:

9. October 15, Bloomberg – (National) Dark pool plans by SEC may limit growth as trading quadruples. The U.S. Securities and Exchange Commission may restrict trading by so-called dark pools after lawmakers said a lack of transparency on the private venues hurts investors. The SEC may reduce the amount of orders that the stock networks are allowed to execute before being required to display them publicly and limit what traders call indications of interest that gauge demand without committing to buy or sell, said a market analyst at Aite Group LLC, a Boston-based financial-services consultant. Dark pools, trading venues operated by firms such as Goldman Sachs Group Inc., Getco LLC and Credit Suisse Group AG that do not display orders to the public, are getting increased scrutiny because their share of U.S. equity volume more than quadrupled to 9.4 percent in three years, according to Tabb Group LLC. A U.S. Senator said the platforms may give an unfair edge to some investors. “The intention is to restrict the overall growth of these markets that they view as not transparent,” said the market analyst whose firm counts the nation’s biggest banks, brokerages and hedge funds among more than 100 clients. “There’s a level of fairness that’s in question.” Trading in dark pools such as Credit Suisse’s Crossfinder and Goldman Sachs’s Sigma X, the two largest, has surged from 2 percent in mid-2006, according to estimates by Tabb, a New York-based financial-services consultant. Bloomberg LP, the parent of Bloomberg News, owns Bloomberg Tradebook LLC, an electronic stock-trading system that links to dark pools. Source:

10. October 13, WISN 2 Milwaukee – (Wisconsin) Bomb scare reported at M and I bank. The Milwaukee Bomb Squad was called to the scene of a bank robbery on 83rd and Silver Spring streets on October 13. According to police, a male dressed as a female came into the M&I Bank shortly after 12:30 p.m. claiming that he had a bomb and demanding money. The robber got away, leaving the device behind. The bomb squad determined that the device was not explosive. Source:

Information Technology

29. October 15, MX Logic – (International) Phishing scam spreads on Twitter via direct messages. Twitter users have reported a new phishing scam spreading on the social network through direct messages into a user’s inbox. The messages say “you’re on this vid” and contain links to a phishing website. The link in the messages takes users to a phony Twitter log-in site that asks for user passwords, in a scheme designed to steal passwords and hijack accounts for sending out more phishing spam to a user’s contacts. Twitter has been working to block spam accounts that can be used to spread malicious links for phishing or spreading malware and worms. Users who suspect that they have been spammed by an account can click on the actions toolbar and then click the “report as spam” button to report the suspicious profile. Source:

30. October 15, IDG News Service – (International) With botnets everywhere, DDoS attacks get cheaper. Security researchers say the cost of criminal services such as distributed denial of service, or DDoS, attacks has dropped in recent months. “The barriers to entry in that marketplace are so low you have people basically flooding the market,” said a security researcher with Arbor Networks. “The way you differentiate yourself is on price.” Criminals have gotten better at hacking into unsuspecting computers and linking them together into so-called botnet networks, which can then be centrally controlled. Botnets are used to send spam, steal passwords, and sometimes to launch DDoS attacks, which flood victims’ servers with unwanted information. Often these networks are rented out as a kind of criminal software-as-a-service to third parties, who are typically recruited in online discussion boards. DDoS attacks have been used to censor critics, take down rivals, wipe out online competitors and even extort money from legitimate businesses. Earlier this year a highly publicized DDoS attack targeted U.S. and South Korean servers, knocking a number of Web sites offline. DDoS attacks may have cost hundreds or even thousands of dollars per day a few years ago, but in recent months researchers have seen them going for bargain-basement prices. The Arbor Networks security researcher has seen DDoS attacks offered in the US$100-per-day range, but according to a SecureWorks security researcher, prices have dropped to $30 to $50 on some Russian forums. Source:

31. October 15, IDG News Service – (International) Mozilla plug-in checker boosts security. Mozilla developers have launched a new online tool that tells Firefox users whether popular add-on components such as Java or QuickTime are up to date. The new plug-in Check page tests for more than 15 popular plug-ins right now, and Mozilla plans to add more in the future. “Visitors to the page can see which plug-ins they have installed and, for any that are outdated, follow an easy link to the update site,” wrote Mozilla’s “human shield” in an October 13 blog posting. A test version of the site was introduced recently. The final page tests for plug-ins such as Silverlight, Picasa, iTunes and Acrobat. Firefox can already check to make sure that add-ons, installed through the Web site, are up to date. But this can’t be done with the plug-in software targeted by the new Web page, the “human shield” said in an e-mail interview. “Plug-ins like RealPlayer, Flash or Silverlight are pieces of software installed on your machine outside of Firefox’s control,” he said. “They interact with Firefox, but they are independent software packages, and make their own choices about when and how to update.” Keeping plug-ins up-to-date is becoming increasingly important. Mozilla says that about 30 percent of browser crashes are caused by obsolete plug-ins. Besides that annoyance, however, they also pose a security risk. That’s because out-of-date plug-ins are increasingly exploited by hackers in Web-based attacks that place malicious software on the victim’s computer. Flaws in Adobe’s Flash and PDF formats, Apple’s QuickTime, and RealPlayer have all been widely exploited in this way in the past few years. Source:

32. October 14, NewsFactor Network – (International) Cyberthieves find workplace networks are easy pickings. Workplace networks have turned out to be much more porous and difficult to defend than anyone ever anticipated. Overly complex IT systems are producing endless opportunities for cyberthieves, who need only to master simple hacking techniques to get their hands on sensitive data. The result: Data breaches continue to plague companies, hospitals, universities and government agencies, any entity that collects data and conducts business on a digital network. The vast majority of organizations routinely fail to take simple defensive measures, such as shoring up common Web site weaknesses or uniformly enforcing the use of strong passwords. “Networks have become a hodgepodge of components stitched together, creating security holes that can easily be taken advantage of,” says the senior vice president at applications security firm Fortify Software. Though companies are loath to publicly disclose data losses, about 656 data breach cases made headlines in 2008, up from 446 in 2007, according to the non-profit Identity Theft Resource Center. Through nine months this year, ITRC has archived new stories chronicling 391 data thefts. With IT staffs stretched thin, and concentrating on adding digital services, data heists are going unreported, or unnoticed, security analysts say. Data thieves, in turn, are having a field day using well-understood hacking techniques to carry out increasingly refined cyberthefts. “They know where the money is,” says the CTO of security assessment firm Core Security Technologies. “And they’re getting to where the money is faster and with less noise.” Source:

For another story, see item 25, which is added below:

25. October 13, Washington Post – (Virginia) Va. pays dearly for computer troubles. A scathing legislative audit released Tuesday shows Virginia’s outsourcing of a massive $2 billion computer upgrade has been so troubled that core government services have been disrupted but that canceling the contract could cost the state hundreds of millions of dollars. The problems have affected almost every state agency that uses a computer — a prison was left without inbound phone service for hours, the Virginia State Police in Newport News lost Internet access for more than three days and computers in DMV offices crashed. Northrop Grumman, the giant Los Angeles-based defense company, was awarded the contract, the largest of any kind in Virginia’s history, because state officials thought it would provide the best value despite the business’s lack of experience managing state computer and communication systems, according to the report by the Joint Legislative Audit and Review Commission. Terminating the contract early could cost the state as much as $400 million and leave no one to manage its computer system. Source:

Communications Sector

33. October 15, WFIE 14 Madisonville – (Indiana) Ham radio gets new life. Ham radio operators already provide an invaluable communications link during disasters, like Hurricane Katrina and even right here at home after tornados ripped through the Tri State in 2005. A new system though will help ham radio operators reach out even further the next time disaster strikes. “We always say that ham radio talks where others fail,” said a ham radio operator. “It’s a fail-proof type of system to have. A guy can pop the hood up on his car, hook it up to the battery and be operational,” said the Vanderburgh County EMA director. “They used it in Katrina. It was the only communications they had in Katrina.” After attending an emergency management conference discussing earthquake preparedness, the director began thinking about using ham radio operators as a backup mode of communication should everything else fail. The Indiana Department of Homeland Security has given the director a $350,000 grant to set up a series of ham radio stations and repeaters throughout 12 different counties in southwestern Indiana. If the system, set to be installed soon, meets expectations, the state plans to roll it out in every region. Source:

34. October 15, Wall Street Journal – (National) Microsoft recovers lost Sidekick data. Microsoft Corp. said on October 14 that it has been able to recover the personal data lost on many of T-Mobile USA’s Sidekick devices. The Redmond, Washington, software giant said that most, if not all, customer data was recovered, and that the company would begin restoring data as soon as it has validated it. The company said it will start with personal contacts, and move on to the lost calendar, notes, tasks and pictures as quickly as possible. The fix comes as Microsoft suffers through a public backlash after mishandling the information found on the Sidekick line of messaging phones, which are popular with teenagers. T-Mobile already has offered affected subscribers a free month of data services and a $100 gift card. At least one customer has filed a lawsuit against both companies. Microsoft said the problem affected a minority of Sidekick users. The company blamed a system failure for the data loss in the core database and backup system. Microsoft said it had taken steps to strengthen the stability of the Sidekick service and started a more resilient backup process. Source: