Monday, December 12, 2011

Complete DHS Daily Report for December 12, 2011

Daily Report

Top Stories

• The Lockheed Martin RQ-170 Sentinel spy drone — designed to be virtually invisible to radar and which carries advanced communications and surveillance gear — that Iran claims to have shot down, was shown on the nation’s state-owned Press TV channel December 7. – Bloomberg (See item 6)

6. December 9, Bloomberg – (International) Iran shows off downed U.S. spy drone on TV as U.S. assesses loss of technology. The downed Lockheed Martin RQ-170 Sentinel spy drone, which is designed to be virtually invisible to radar and carries advanced communications and surveillance gear, made a 2 and a half minute television debut December 7 on Iran’s state-owned Press TV channel. U.S. intelligence officials are assessing the apparent loss of its highly classified technology. The official Iranian Republic News Agency reported the foreign ministry December 7 protested the “violation of Iran’s airspace by a U.S. spy drone on [December] 4,” the day Iranian forces claimed to have shot down the aircraft, 140 miles inside the Iranian border from Afghanistan. Several U.S. officials said the greatest concern is access to the aircraft could give Russian or Chinese scientists insight into its flight controls, communications gear, video equipment, and any self-destruct or return-to-base mechanisms. In addition, they said, the remains of the RQ-170 could help a technologically sophisticated military or science establishment develop infrared surveillance and targeting technology that under some conditions are capable of detecting stealth aircraft such as drones, and the new Lockheed Martin F-35s. Source: http://www.bloomberg.com/news/2011-12-09/iran-shows-off-downed-spy-drone-as-u-s-assesses-technology-loss.html

• Four residents of Romania were charged for their alleged participation in a multimillion-dollar scheme to remotely access point-of-sale systems at more than 150 Subway restaurants and other U.S. merchants, and steal payment card data of more than 80,000 customers. – IDG News Service (See item 22)

22. December 8, IDG News Service – (International) Four charged with hacking point-of-sale computers. Four residents of Romania have been charged for their alleged participation in a multimillion-dollar scheme to remotely access point-of-sale systems (POS) at more than 150 Subway restaurants and other U.S. merchants, and steal payment card data, the U.S. Department of Justice (DOJ) said. The four-count indictment, unsealed December 7, charges the four Romanians with conspiracy to commit computer fraud, wire fraud, and access device fraud. From 2008 until May 2011, the four suspects conspired to remotely hack into more than 200 U.S.-based merchants’ POS or “checkout” computer systems to steal customers’ credit, debit, and gift card numbers and related data, the DOJ said. Subway restaurant systems were compromised in New Hampshire, New York, California, and elsewhere, according to the indictment. A POS system allows merchants to process customer purchases and typically includes a computer, monitor, credit-card processing system, signature capture device, and a customer pin pad device. The four compromised the payment card data of more than 80,000 customers, and made millions of dollars worth of unauthorized purchases, the DOJ said. Source: http://www.computerworld.com/s/article/9222520/Four_charged_with_hacking_point_of_sale_computers?taxonomyId=17

Details

Banking and Finance Sector

7. December 9, Associated Press – (International) Anarchists claim letter bomb at Italy tax office; same group hit Deutsche Bank. A letter bomb exploded December 9 at an office of Italy’s tax collection agency, wounding the organization’s director. Police said an Italian anarchist group that sent a letter bomb to Deutsche Bank in Frankfurt, Germany, December 7 claimed responsibility. A Rome police official said the December 9 bomb was contained in a yellow bubble envelope mailed to the director’s attention at an Equitalia office outside Rome. The tax agency director underwent surgery after suffering injuries to a hand and his face, caused when a glass desktop was shattered by the explosion, an Equitalia official told the ANSA news agency. Italy’s Anarchist Federation claimed responsibility. The note included in the package was “very similar” to that contained in the Deutsche Bank letter bomb, which did not explode, a police official said. The group, known in Italy as FAI, warned in its Deutsche Bank note there would be three “explosions” in its latest campaign. Last year around Christmas, the anarchist group sent package bombs to three Roman embassies, injuring two. On December 7 in Frankfurt, a routine mailroom screening found a bomb in a small package addressed to the Deutsche Bank chief executive officer. The explosive was deactivated without incident. Tucked next to the bomb was a letter of responsibility. Written in Italian, it promised “three explosions against banks, bankers, ticks and bloodsuckers,” according to the Hesse state criminal office. Germany’s federal prosecutors’ office, responsible for national security and terrorism probes, said December 9 it is taking over the investigation. The letter contained about 50 grams of explosive and a fully functional trigger, it said. Source: http://www.washingtonpost.com/world/europe/italian-police-say-package-bomb-explodes-at-tax-collection-office-in-rome-injuring-1/2011/12/09/gIQAWzfihO_story.html

8. December 9, Chicago Tribune – (Illinois) Lawyer found guilty in home mortgage fraud scheme. A federal jury convicted a veteran Chicago criminal-defense lawyer December 8 of taking part in a $9 million mortgage fraud scheme that took advantage of unqualified home buyers in economically depressed neighborhoods in the city. He was convicted of five counts of mail and wire fraud, according to the U.S. attorney’s office in Chicago. He and three others allegedly acquired at least 40 residences — often homes in need of extensive repairs — and quickly resold them at inflated prices. Two of the men allegedly financed the purchases. The other two defendants allegedly recruited unqualified buyers by enticing them with false sales offers and promises of prompt repairs and renovations, according to court documents. Prosecutors alleged the criminal-defense lawyer and others urged buyers to sign closing documents they had never seen, and falsely inflated the amount of money posted by buyers for down payments, making it more likely lenders would approve loans. The scheme allegedly took place from 2002 to 2006 and defrauded banks, mortgage lenders, and the U.S. Department of Housing and Urban Development. Prosecutors are seeking forfeiture of at least $4.2 million. Source: http://www.chicagotribune.com/news/local/ct-met-attorney-mortgage-fraud-20111209,0,2144418.story

9. December 8, Deseret News – (California; Utah) Man arrested, charged in Utah-based investment fraud scheme. An investment manager was arrested December 8 in San Diego for his alleged role in a $25 million investment fraud. He has been charged with four counts of wire fraud and one count of making and subscribing a false income tax return, according to an indictment unsealed December 8 in the District of Utah. He was the chief executive officer (CEO) and managing partner of Utah-based US Ventures, founded in 1999. According to the indictment, he recruited investors from October 2005 to April 2007 by making false representations about the firm. It states he falsely claimed US Ventures used proprietary trading software that was consistently profitable; it had more than $32 million under management and generated returns of 0.8 percent per trading day; and it would retain a 30 percent share of investors’ profits as a management fee. The indictment states US Ventures raised more than $25 million from investors. The CEO allegedly generated and distributed reports to investors containing false daily returns, when US Ventures actually was steadily losing money. Between October 2005 and April 2007, the investment firm lost more than $10 million in trading, the indictment states. It says profit figures listed in the reports also were fabricated. The CEO and US Ventures also made “profit distributions” to investors that consisted of funds solicited from new investors, the indictment ates. It also alleges the CEO misappropriated investors’ funds to support his lavish lifestyle, and his then-wife’s eBay business. In 2006, he diverted more than $1.2 million to a business account used for his personal use, according to the indictment. He filed a personal tax return for that year claiming gross income of $27,500. Source: http://www.deseretnews.com/article/705395561/Man-arrested-charged-in-Utah-based-investment-fraud-scheme.html

10. December 8, Santa Rosa Press Democrat – (California; International) Credit , debit scam hits more than 1,000 Ukiah-area bank customers. Hundreds of Ukiah, California area residents had their credit and debit card information breached the week of December 5, resulting in fraudulent charges and blocked and canceled cards. The illegal usages were made outside of the county, a Ukiah police detective said. Illegal transactions occurred as far away as Milan, Italy. The department is following leads to determine how and where the breach occurred, and whether it could be related to the Lucky’s Supermarket card skimming incident, he said. The breach affected debit and credit cards issued by multiple banks in the Ukiah area, but is not believed to have occurred within the institutions, he said. As a precaution, Savings Bank of Mendocino County blocked access to about 1,000 debit cards that Master Card notified them could have been compromised, a bank spokeswoman said. Only a small percentage of those account holders reported their accounts were accessed by an unauthorized party, she said. Other area banks also were blocking at-risk debit and credit cards, the detective said. He suspects there were multiple skimming devices being used to steal information from credit and debit card scanners. Source: http://www.pressdemocrat.com/article/20111208/ARTICLES/111209524/1036/business?p=all&tc=pgall

11. December 8, Brownsville Herald – (Texas) More victims of RGV scam located, facing credit card charges. Police investigators located three victims in Brownsville, Texas, of a scam that involves stealing the identity of Rio Grande Valley residents who recently died, the Brownsville Herald reported December 8. Detectives estimate the scammers charged more than $100,000 at local stores like Lowes, Best Buy, Home Depot, and K-Mart, a Brownsville police spokesman said. The scam starts with a newspaper obituary as scammers read about a death and called the family, posing as a life insurance agent. They collect personal information about the person who died, and use it to add themselves as an authorized user on a credit card, police reports said. Investigators are working with the McAllen Police Department and La Feria Police to locate more victims. The police spokesman said the investigation will likely span months as detectives try to locate all the victims and unearth the total amount spent by the scammers. Brownsville police arrested two men in connection with the scam the week of November 28, but do not know how many in total are involved in the crime ring. Those men face charges of fraudulent use of identifying information, credit card abuse, and engaging in organized criminal activity. Source: http://www.brownsvilleherald.com/news/brownsville-134634-located-victims.html

12. December 8, Associated Press – (California) Ex-CA fund manager indicted in $20M Ponzi scheme. A former California fund manager was charged with defrauding investors out of at least $20 million as part of a Ponzi scheme. He was charged December 7 with 41 felony counts, including loan fraud and obstruction of justice. If convicted of all counts, he faces life in prison. He is scheduled to surrender to federal authorities in Los Angeles December 9 when he is expected to be arraigned. Prosecutors said the man told investors he would use their money to purchase corporate bonds backed by the Troubled Asset Relief Program. Instead, they said, the man funneled the money to support his family’s lavish lifestyle. He was charged with 10 counts. Source: http://www.sfgate.com/cgi-bin/article.cgi?f=/n/a/2011/12/08/state/n134018S06.DTL

13. December 8, New York Times – (National) Trader pleads guilty in 17-year investment scheme. A trader implicated in a 17-year scheme pleaded guilty December 8 to receiving confidential tips about company takeovers from a lawyer who worked at some of the nation’s most prestigious law firms. He pleaded guilty in a federal court in Newark, New Jersey, to insider trading, obstruction of justice, and money laundering in a conspiracy that netted some $37 million. In addition to forfeiting money earned off the trades as well as homes purchased with the proceeds, he could face as much as 25 years when sentenced on the four felony counts in March 2012. The scheme is among the more complex unveiled in the midst of a federal crackdown on insider trading. Prosecutors alleged the relatively anonymous trader received tips from a journeyman lawyer who worked at some of the biggest deal-making law firms in the country. The tips were not shared directly. They were passed, for 17 years, through a middle man who both men knew, according to charges filed. Starting in 1994, he passed some 30 tips about clients of the powerhouse merger and acquisitions teams he worked with at Cravath Swaine & Moore; Skadden, Arps, Meagher & Flom; Fried Frank; and Wilson Sonsini. After trading on the tips, the trader would withdraw tens of thousands of dollars in profits from ATMs and deliver them to the middle man. The middle man pleaded guilty to charges of insider trading in April, admitting his role in the scheme. Source: http://dealbook.nytimes.com/2011/12/08/investor-pleads-guilty-in-17-year-insider-trading-scheme/

For another story, see item 22 above in Top Stories

Information Technology

33. December 8, Computerworld – (International) Microsoft plans 20 patches next week, will fix Duqu and BEAST bugs. Microsoft announced December 8 it will issue 14 security bulletins the week of December 12 to patch 20 vulnerabilities in Windows, Internet Explorer (IE), Office, and Windows Media Player. Among the patches will be ones that plug the hole used by the Duqu intelligence-gathering trojan, and fix the secure socket layer 3.0 and transport layer security 1.0 bug popularized 3 months ago by the Browser Exploit Against SSL/TLS hacking tool. Three of the 14 updates were tagged with Microsoft’s “critical” label, while the remaining 11 were marked “important.” Bugs in 10 of the updates could be exploited by attackers to remotely plant attack code on unpatched PCs, Microsoft said in its monthly advance notification that precedes each Patch Tuesday. A number of those bulletins were pegged as important, a move Microsoft makes when the bugs cannot easily be exploited because the pertinent components are not switched on by default, or because defensive technologies like ASLR and DEP help protect users. Source: http://www.computerworld.com/s/article/9222530/Update_Microsoft_plans_20_patches_next_week_will_fix_Duqu_and_BEAST_bugs?taxonomyId=17

For more stories, see items 34, 35, and 36 below in the Communications Sector

Communications Sector

34. December 9, Tampa Tribune – (Florida) Verizon outage hits long-distance. Much of Verizon’s long-distance telephone service in Florida turned off December 8 after a piece of network equipment broke down near Orlando. The outage appeared to start about 1:30 p.m., a Verizon spokesman said. By 5:37 p.m., the system was back to normal, he said. The outage affected some data services that travel over long-distance lines, including some wide-area networks at companies. Depending on how calls were routed, customers trying to call to or from Tampa received error messages. Verizon provides service to about 1 million access lines in Pinellas and Hillsborough counties, and portions of Polk, Pasco, Manatee, and Sarasota counties. Local phone service did not appear to be affected, and Verizon’s cellular service appeared to be functioning as well. Source: http://www2.tbo.com/news/news/2011/dec/09/menewso1-verizon-outage-hits-long-distance-ar-332760/

35. December 8, Sioux Falls Argus Leader – (South Dakota) Cell service suffers second outage. A backhoe operator near Chamberlain, South Dakota, accidentally cut a CenturyLink fiber optic line December 8, just 200 feet from where it was severed December 6, knocking out cell phone service for central South Dakota AT&T customers, and affecting some state government services, including the state lottery. The mid-morning outage lasted about 5 hours and did not affect 911 service, a CenturyLink spokesman said. The fiber line fed data to six cellular towers, and an AT&T spokesman said customers in Pierre, Winner, and Okreek lost voice and data service. Verizon customers were not affected. The deputy commissioner of the bureau of information and telecommunications said the state government uses CenturyLink for local calling in larger cities. CenturyLink crews fully repaired the line by 4 p.m. Source: http://www.argusleader.com/article/20111209/NEWS/312090009/Cell-service-suffers-second-outage

36. December 8, Florida Today – (Florida) Line cut disrupts phone, Internet service in West Melbourne, Palm Bay. An AT&T line cut the morning of December 8 caused telephone and Internet disruptions for as many as 6,000 telephone and Internet customers in West Melbourne and Palm Bay, Florida. The outage could have lasted until the morning of December 10. A contractor for West Melbourne cut the line while working on a waterline project on Minton Road, the city manager said. The outage impacted customers differently, he said; some had phone, but not Internet service, others had Internet, but not phone, while more were without both services. Included in those without services were the West Melbourne City Hall and the police department. The outage did not affect emergency medical, fire, and police calls to 9-1-1. Source: http://www.floridatoday.com/article/20111208/BREAKINGNEWS/111208007/Line-cut-disrupts-phone-internet-service-West-Melbourne-Palm-Bay