Tuesday, June 8, 2010

Complete DHS Daily Report for June 8, 2010

Daily Report

Top Stories

• According to the Olympia Olympian, the Gulf of Mexico oil spill is attracting another kind of potential disaster: investment fraud. Federal officials are warning investors to be wary of so-called “pump and dump” stock schemes tied to the BP oil spill. (See item 21 below in the Banking and Finance Sector)

• Federal officials have arrested an Army intelligence analyst who boasted of giving classified U.S. combat video and hundreds of thousands of classified State Department records to whistleblower site Wikileaks, Wired.com reports. The suspect, a 22-year-old Army specialist from Potomac, Maryland, was stationed at Forward Operating Base Hammer, 40 miles east of Baghdad, where he was arrested nearly two weeks ago by the Army’s Criminal Investigation Division. (See item 42)

42. June 6, Wired.com – (International) U.S. intelligence analyst arrested in Wikileaks video probe. Federal officials have arrested an Army intelligence analyst who boasted of giving classified U.S. combat video and hundreds of thousands of classified State Department records to whistleblower site Wikileaks, Wired.com reports. The suspect, a 22-year-old Army specialist from Potomac, Maryland, was stationed at Forward Operating Base Hammer, 40 miles east of Baghdad, where he was arrested nearly two weeks ago by the Army’s Criminal Investigation Division. A family member said he is being held in custody in Kuwait, and has not been formally charged. The suspect was turned in late last month by a former computer hacker with whom he spoke online. In the course of their chats, the suspect took credit for leaking a headline-making video of a helicopter attack that Wikileaks posted online in April. The video showed a deadly 2007 U.S. helicopter air strike in Baghdad that claimed the lives of several innocent civilians. He said he also leaked three other items to Wikileaks: a separate video showing the notorious 2009 Garani air strike in Afghanistan that Wikileaks has previously acknowledged is in its possession; a classified Army document evaluating Wikileaks as a security threat, which the site posted in March; and a previously unreported breach consisting of 260,000 classified U.S. diplomatic cables that the suspect described as exposing “almost criminal political back dealings.” Source: http://www.wired.com/threatlevel/2010/06/leak/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+wired/index+(Wired:+Index+3+(Top+Stories+2))

Details

Banking and Finance Sector

21. June 7, Olympia Olympian – (National) Buyer beware: Investment fraud springs up after oil spill. The Gulf of Mexico oil spill is attracting another kind of potential disaster: investment fraud. Federal officials are warning investors to be wary of so-called “pump and dump” stock schemes tied to the BP oil spill. “We’re never surprised by these scams,” said the Financial Industry Regulatory Authority’s senior vice president for investor education. He said similar frauds surfaced after Hurricane Katrina and the anthrax letter scares. In a pump-and-dump scheme, a company ups its stock price by hyping its connection to a disaster, typically products or services that can aid in recovery or rebuilding. As new investors pour in, company officials cash out by dumping their inflated shares, which then drives down the price and leaves investors with over-inflated stock. At the end of May, a California company was the first to be reprimanded by the Securities and Exchange Commission for questionable tactics in touting its ties to oil cleanup efforts. Source: http://www.theolympian.com/2010/06/07/1263181/buyer-beware-investment-fraud.html


22. June 6, Vancouver Sun – (International) 15-year-old caught in Richmond with hundreds of skimmed credit cards. A 15-year-old boy was arrested last month at a Canadian gas station in connection with a credit card skimming operation. The Richmond, British Columbia Royal County Mounted Police (RCMP) said in a news release that the arrest occurred after a six-month credit card fraud investigation. The boy is suspected of copying credit card information from several hundred customers without their knowledge, and then selling the stolen information to organized crime groups who could use the credit cards to make purchases. RCMP cannot give a figure for actual losses at this time, but estimate that well over a million dollars were put at risk. The Mounties are recommending charges of unauthorized possession of credit card data and possessing a credit card forging instrument. Source: http://www.vancouversun.com/health/year+caught+Richmond+with+hundreds+skimmed+credit+cards/3119931/story.html


23. June 5, Bank Info Security – (National) Three banks closed on June 4. Federal and state banking regulators closed three banks June 4, raising the number of failed institutions to 89 so far in 2010. First National Bank, Rosedale, Miss., was closed by the Office of the Comptroller of the Currency, which appointed the Federal Deposit Insurance Corp. (FDIC) as receiver. The FDIC entered into a purchase and assumption agreement with The Jefferson Bank, Fayette, Mississippi, to assume all deposits of First National Bank. The FDIC estimates that the cost to the Deposit Insurance Fund (DIF) will be $12.6 million. The FDIC approved the payout of the insured deposits of Arcola Homestead Savings Bank, Arcola, Illinois. The bank was closed by the Illinois Department of Financial Professional Regulation - Division of Banking, which appointed the FDIC as receiver. The FDIC estimates that the cost to the DIF will be $3.2 million. TierOne Bank, Lincoln, Neb., was closed by the Office of Thrift Supervision, which appointed the FDIC as receiver. The FDIC entered into a purchase and assumption agreement with Great Western Bank, Sioux Falls, South Dakota, to assume all of the deposits of TierOne Bank. The FDIC estimates that the cost to the DIF will be $297.8 million. Source: http://www.bankinfosecurity.com/articles.php?art_id=2612


24. June 4, Techworld – (International) HSBC browser plugin attacked by Trojan. A popular anti-keylogging tool used by online banks such as HSBC, Trusteer’s Rapport, has come under direct attack by malware writers trying to bypass its protection settings. In a discovery reported by fellow security vendor Webroot Software, a Trojan the company names ‘Phisher-Rancor’ runs a batch file that tries to close down the Rapport app, while a second variant targets a separate binary, config.js. But the malware fails to overcome Rapport’s built-in protection mechanisms, starting with its ability to reload itself if closed down, a characteristic common to all anti-malware programs. Although the Trojan fails, Trusteer will doubtless take the attempt as a clear warning. “While this appears to be an isolated (and, for now, totally inept) incident of an easily defeated phishing Trojan that attempts to disable this particular anti-phishing software, it isn’t a good idea to underestimate the enemy. Clearly this attempt was a failure, but the next one might not be,” said a Webroot researcher. Source: http://news.techworld.com/security/3225759/hsbc-browser-plugin-attacked-by-trojan/


25. June 4, Bloomberg – (National) Domestic microfinance steps into the credit breach. During the credit crunch, small business owners rejected by traditional lenders found growth funding through domestic microfinance organizations geared to helping the poor and disenfranchised. Loan applications have increased in the past two years at 66 percent of microfinance groups surveyed by the Aspen Institute, a policy and research organization. While only a few microlenders were able to accommodate a majority of new applicants, those more likely to get funding were “people who were very strong small business owners who in the past would have received financing, but because the banks pretty much shut down, they did not,” said the director of Aspen’s microenterprise FIELD project, which tracks domestic microfinance and conducted the survey. Domestic microfinance will never replace traditional business lending, nor should the industry drop its primary goals of social improvement and poverty alleviation, said a venture capitalist and professor of microfinance at the University of California, Berkeley. The industry, which reported lending an aggregate $68.6 million in FIELD’s survey from financial year 2008, represents only a drop in the bucket of the U.S. credit market. But it is growing fast and has taken on new importance during the recession. Source: http://www.businessweek.com/smallbiz/content/jun2010/sb2010064_156475.htm


26. June 3, NBC Bay Area – (California) Bank robbers leave something suspicious behind. A suspicious package left behind this afternoon by bank robbers at a Wells Fargo in Cupertino, California, contained a phony bomb, a police sergeant said. The Santa Clara County sheriff’s bomb squad completed inspecting the package and is allowing people to return to the bank in the 23000 block of Homestead Road. A nearby Starbucks was also evacuated, he said. The robbery happened at about 11:40 a.m. when two males wearing facemasks pulled up in a gray sedan, entered the bank and demanded money. They grabbed an undisclosed amount of cash and took off, but left behind a duffel bag or package that appeared suspicious. No one was harmed in the robbery and no weapon was seen. Source: http://www.nbcbayarea.com/news/local-beat/Bank-Robbers-Leave-Something-Suspicious-Behind-95569799.html


Information Technology


45. June 7, IDG News Service – (National) FTC examines privacy risks of copier hard drives. The U.S. Federal Trade Commission is urging the photocopier industry to address privacy risks arising from the fact that digital copiers store thousands of documents on their internal hard drives. CBS News reported in mid-April that nearly every copier built since 2002 stores images of documents that pass through the machines. The report found sensitive health and law-enforcement information on copiers ready to be resold. Xerox Corp. offers customers the option of removing the hard drives from copiers that they are about to dispose of or turn in after a lease, a company spokesman said. The copy machine maker also offers a free image-overwrite option that destroys information stored on many models’ hard drives, he said. Source: http://www.computerworld.com/s/article/350037/FTC_Examines_Privacy_Risks_of_Photocopiers


46. June 6, ComputerWorld – (International) Update: Attackers exploit critical bug in Adobe’s Flash, Reader. Adobe late Friday warned that attackers are exploiting a critical vulnerability in the company’s most widely-used software: Flash Player and Adobe Reader. The zero-day vulnerability is reminiscent of one Adobe disclosed and patched in July 2009, and comes just days after the company’s head of security admitted hackers have its software in their crosshairs. Adobe said that the bug affects Flash Player 10.0.45.2, the most up-to-date version of the popular media player, as well as older editions on Windows, Macintosh, Linux and Solaris. Also vulnerable: PDF viewer Adobe Reader 9.x and PDF creation software Adobe Acrobat 9.x on Windows, Macintosh and Unix. Hackers are already exploiting the flaw. “There are reports that this vulnerability is being actively exploited in the wild against Flash Player, Reader and Acrobat,” the company said in a security advisory issued around 3:30 p.m. PT Friday. Danish bug tracker Secunia rated the threat as “extremely critical,” the highest ranking in its five-step scoring system. The U.S. Computer Emergency Readiness Team (US-CERT), an arm of the federal Department of Homeland Security, also posted a warning of the vulnerability. Attackers exploiting the flaw may be able to hijack the targeted computer, Adobe acknowledged. Source: http://www.computerworld.com/s/article/9177705/Update_Attackers_exploit_critical_bug_in_Adobe_s_Flash_Reader


47. June 4, DarkReading – (International) Open-Source databases pose unique security challenges. As the growth in Web 2.0 applications spurs adoption of open-source databases within the enterprise, many organizations need to expand their security priorities to include these increasingly important data stores. While the security principles that drive proprietary database protection also apply to open-source databases, there are a few additional challenges to locking down such platforms, which include Postgres, Ingres, and MySQL. “This is a difficult problem,” said the CTO and analyst at Securosis. “The reason is there is very little effort or research put into security policies for the open-source databases. Comparing Oracle to Postgres, as an example, is a little like comparing Microsoft Windows to Apple’s OS: Windows may be the more secure platform now, but only a few people write exploit code for Snow Leopard. Since we don’t hear about attacks that often, we assume it’s more secure.” The market for open-source databases was at about $850 million in 2008, according to Forrester Research, which predicted that figure to increase to $1.2 billion by the end of this year. Gartner is more conservative in its prediction for the market, expecting open-source databases to be at $1 billion by 2013. Source: http://www.darkreading.com/database_security/security/app-security/showArticle.jhtml?articleID=225400064


48. June 4, Minneapolis Star Tribune – (National) Digital River sues over data breach. A massive data theft from the e-commerce company Digital River Inc. has led investigators to hackers in India and a 19-year-old in New York who allegedly tried to sell the information to a Colorado marketing firm for half a million dollars. The Eden Prairie company obtained a secret court order last month to block a suspect from Brooklyn from selling, destroying, altering or distributing purloined data on nearly 200,000 individuals. Digital River suspects that the information was stolen by hackers in New Delhi, India, possibly with help from a contractor working for Digital River. The suspect has said he got the information from India, but won’t say how or from whom. “I fully suspect that [the suspect] hacked the hacker,” said an attorney with Robins, Kaplan, Miller and Ciresi who is overseeing Digital River’s investigation. The matter came to light June 3 when a U.S. district judge convened a public status conference in the case. Source: http://www.startribune.com/local/95584209.html


Communications Sector

49. June 7, PR Web – (National) First responders launch campaign for nationwide communications network. “The unprecedented unity in the first-responder community demonstrates how critical this communications capability is for those who put their lives on the line every day to protect America,” the San Jose Chief of Police and Major Cities Chiefs Association President said. “Almost nine years since this need was tragically underscored on 9/11, it’s long overdue for Congress immediately to hold hearings and help keep America safe by providing this nationwide communications network, controlled and operated by public safety, not by commercial carriers.” Specifically, the Federal Communications Commission’s (FCC) National Broadband Plan calls for the auction of the 700 MHz D-Block spectrum to wireless carriers for commercial use. Public safety and numerous industry experts view the FCC’s plan for commercial carriers to build, implement and operate the system as technically, competitively and operationally flawed. The Public Safety Alliance is calling for Congressional hearings and for Congress to allocate the D-Block spectrum to public safety. The Public Safety Alliance supports H.R. 5081, the Broadband for First Responders Act of 2010, which would allocate directly to public safety the spectrum needed to establish a nationwide interoperable communications network. Source: http://www.prweb.com/releases/2010/06/prweb4099274.htm