Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, July 8, 2010

Complete DHS Daily Report for July 8, 2010

Daily Report

Top Stories

• The Associated Press reports that a former cargo handler on a reconnaissance mission in an alleged plot to blow up New York’s John F. Kennedy International Airport marveled at the lack of security for jet fuel storage tanks there, according to tapes played July 6 at his terror trial. (See item 3)

3. July 6, Associated Press – (New York) Terror defendant scoffed at JFK security. A former cargo handler on a reconnaissance mission in an alleged plot to blow up New York’s John F. Kennedy International Airport marveled at the lack of security for jet fuel storage tanks there, according to tapes played July 6 at his terror trial. “You can’t believe how a place like Kennedy can be so (lax),” the former cargo handler said in a videotape recorded in January 2007. “No soldier. Nothing at all. ... The tanks ain’t got one person.” The grainy videotape of cargo handler in a front passenger seat was played in federal court in Brooklyn, New York during the testimony by another person, who went undercover to make a series of secret tapes. Prosecutors say the 66-year-old cargo handler, a naturalized U.S. citizen from Guyana, and his accomplice wanted to kill thousands of people and cripple the American economy by using explosives to blow up the fuel tanks. Source: http://www.google.com/hostednews/ap/article/ALeqM5imyS6Rxh0dCsz_QlXiqWrCjtdtEwD9GPPLDO0

• The Associated Press reports that reservoirs along the U.S.-Mexico border have reached their highest levels in decades following days of drenching rain. Water behind the binational Amistad Dam on the Rio Grande was at its highest level since 1974, forcing officials to release water from it at the fastest rate in a quarter century. (See item 42)

42. July 7, Associated Press – (Texas; International) Mexico, Texas evacuate homes as Rio Grande floods. Reservoirs along the U.S.-Mexico border have reached their highest levels in decades following days of drenching rain. That has forced officials to dump water into flooded rivers, with yet another storm on the way. Mexican officials evacuated nearly 18,000 people from houses in Ciudad Anahuac for fear that water would overflow the Venustiano Carranza dam and threaten lives. Water behind the binational Amistad Dam on the Rio Grande was at its highest level since 1974, according to the International Boundary and Water Commission, forcing officials to release water from it at the fastest rate in a quarter century. The Commission said the downstream Falcon dam would probably reach capacity within the next few days, suggesting future releases there will raise water levels along the river’s lower reaches. Much of that downstream area is protected against flooding by levees, but Mexico’s National Water Commission said it was worried about low-lying settlements, most built by poor people without official permission. Twenty floodgates had been opened by late Tuesday at the Venustiano Carranza Dam, which was releasing 600 cubic meters per second into the Salado River, a tributary of the Rio Grande. Officials were also evacuating 2,000 people near the swollen Rio Escondido. In Texas, authorities evacuated the Vega Verde neighborhood of Del Rio as more water was being released from the Amistad Lake, just upstream. One of three international bridges connecting Laredo, Texas and Nuevo Laredo, Mexico, was ordered closed as the Rio Grande rose dramatically. The water is expected to rise to 38.5 feet — high enough to touch but not run over the bridge. Source: http://www.google.com/hostednews/ap/article/ALeqM5iJtis-T41gWr2Rm65LgE_HTKE3GgD9GQCAP80

Details

Banking and Finance Sector

9. July 7, KTAR 92.3 Phoenix – (Arizona) New twist to ATM scams. Latest reports indicate that clear plastic overlays are being placed on top of the PIN pad to capture personal identification numbers in addition to card-skimming devices, helping scammers to steal even more of your personal information at ATMs. Thieves are also attacking outside the ATM. “In the past, we’ve had some elaborate schemes where they’ve actually put them inside credit devices that you would use — whether it would be at the gas pump or something like that,” said a Phoenix Police sergeant. Source: http://ktar.com/?nid=6&sid=1312252


10. July 7, Gainesville Sun – (Florida) Hidden credit card skimmer found in local gas pump. An alert technician found a device on a gas pump apparently designed to capture credit card information. The device, known as a credit card skimmer, was seized by the Alachua County Sheriff’s Office. It was not immediately clear whether any credit card information was stolen or used illicitly. The small device wrapped in black electrical tape was found July 5 inside a Shell station in Gainesville, Florida. The device would not have been visible to those using the credit card reader to pay for their gas and was wired between the card scanner and the computer board of the pump, according to a sheriff’s spokesman. The device was similar to those found at other stations along Interstates 75 and 95 in Florida and that it could have been installed in less than two minutes by someone who knew what he or she was doing. It did not appear the pump had been damaged by someone opening it, so the device was likely installed by someone with a universal gas pump key. Source: http://www.gainesville.com/article/20100707/ARTICLES/100709681/1109/sports?Title=Hidden-credit-card-skimmer-found-in-local-gas-pump


Information Technology


34. July 7, The Register – (International) Trojan skewers security software with Windows. Security watchers have discovered a Trojan that uses built-in Windows functionality to overwrite security software and compromise systems by disguises itself as an antivirus update package. The malware uses Windows input method editor (IME) to inject a system technology that normally creates a means for users to enter characters not supported with their input device, such as Chinese or Japanese. It then kills any running antivirus processes and deletes the installed antivirus executable files. The attacks show that malware writers have begun using Windows input methods to infect vulnerable systems. Source: http://www.theregister.co.uk/2010/07/07/ime_trojan/


35. July 7, PC World – (International) Apple: 400 iTunes accounts hacked. Apple now admits 400 iTunes accounts were hacked and used by a Vietnamese developer to push his iPhone apps to best seller status over the weekend by purchasing his own apps using hacked iTunes accounts. At one point, the developer’s apps occupied 42 of the top 50 apps sold in the Books section, and users reported purchases of up to $500 with their accounts. Apple downplayed the attack, however, pointing out that 400 accounts equals 0.0003 percent of the over 150 million iTunes account holders. The downplaying of the hack comes as little consolation to many who believed Apple’s walled garden would offer protection from rogue developers and hackers. The hacker’s apps had been removed from the App Store because he “violat[ed] the developer Program License Agreement, including fraudulent purchase patterns,” Apple said. The company also claims that its iTunes servers were not compromised in any way. Source: http://www.pcworld.com/article/200618/apple_400_itunes_accounts_hacked.html


Communications Sector

36. July 7, BusinessDay – (International) ‘Dreaded’ fault in undersea cable stymies internet. A fault in the Seacom undersea cable that runs along Africa’s east coast has interrupted internet access for millions, including local users. Seacom said July 6 that its undersea cable system had collapsed, disrupting services from Kenya to India and Europe. The undersea cable has been in operation for a year and provides broadband internet access. A Seacom representative said initial investigations had revealed that there was a fault on the component that amplified the signal, and he warned repairs could take up to a week. “The actual duration is unpredictable due to external factors such as transit time of the ship, weather conditions and time to locate the cable,” he said. The outage affects all internet service providers which use Seacom for international bandwidth. Source: http://www.businessday.co.za/articles/Content.aspx?id=113943