Wednesday, April 11, 2012

Complete DHS Daily Report for April 11, 2012

Daily Report

Top Stories

• More than 60 percent of energy security experts said current smart meters are not secure enough against false data injection attacks, according to a new survey. – Homeland Security Newswire

2. April 10, Homeland Security Newswire – (International) Industry insiders: Insufficient security controls for smart meters. False data injection attacks exploit the configuration of power grids by introducing arbitrary errors into state variables while bypassing existing techniques for bad measurement detection; experts say the current generation of smart meters are not secure enough against false data injection attacks, Homeland Security Newswire reported April 10. nCircle recently announced results of a survey of 104 energy security professionals. The survey was sponsored by nCircle and EnergySec, a Department of Energy-funded public-private partnership that works to enhance cyber security of electric infrastructure. The online survey was conducted March 12 to 31. When asked, “Do smart meter installations have sufficient security controls to protect against false data injection?” 61 percent of respondents said “no.” Source: http://www.homelandsecuritynewswire.com/dr20120410-industry-insiders-insufficient-security-controls-for-smart-meters

• Updated data shows about 780,000 people had personal information stolen by hackers who breached Utah health department computers. Approximately 280,000 people had their Social Security numbers taken. – Utah Department of Health

30. April 9, Utah Department of Health – (Utah) Data breach expands to include more victims. The Utah Department of Technology Services (DTS), along with the Utah Department of Health (UDOH) announced April 9 that up to 255,000 additional people had their Social Security numbers listed in data stolen by thieves from a computer server the week of April 2. These latest victims are people whose information was sent to the state by their health care provider through a Medicaid Eligibility Inquiry to determine status as possible Medicaid recipients. The DTS has started identifying additional victims, and the state will send letters directly to them. Some of the 255,000 Social Security numbers were not accompanied by any other identifying information (such as names and addresses), so DTS will likely need to coordinate with other agencies to identify and notify these individuals. As many as 350,000 additional people may have had other, less-sensitive information, such as their names, birth dates, and addresses accessed through eligibility inquiries. These people will also receive a letter alerting them to the situation. However, priority will be placed on alerting those who had their Social Security numbers stolen first. It is now believed that about 280,000 victims had their Social Security numbers stolen, and about 500,000 other victims had less-sensitive personal information stolen. Source: http://udohnews.blogspot.com/2012/04/data-breach-expands-to-include-more.html

• Twelve people were evacuated from a Boston apartment building, and four police officers and an ambulance crew were hospitalized after a woman committed suicide by ingesting a toxic chemical. – Boston Globe

44. April 10, Boston Globe – (Massachusetts) Police officers, ambulance crew taken to hospital after toxic suicide in South End. Twelve people were evacuated from an apartment building in the South End area of Boston, and four police officers and an ambulance crew were taken to a hospital after a woman committed suicide April 9 inside an apartment by ingesting a toxic chemical, fire officials said. The Boston deputy fire chief said at the HAZMAT scene that the woman ingested the chemical on the first floor and was later pronounced dead at the hospital. He said four police officers and the ambulance team of two EMS workers were quarantined at the hospital to determine whether they were affected by the substance. He said the woman is believed to have ingested sodium azide, a chemical used to make airbags. “But it can metabolize into some kind of cyanide,” he said. He said April 10 crews were preparing to reenter the apartment building to see if it presented a safety risk, a process expected to take a few hours. He also said the officers and EMS workers who were quarantined did not appear to be showing signs of being adversely affected by the chemical. Source: http://www.boston.com/Boston/metrodesk/2012/04/police-officers-ambulance-crew-taken-hospital-after-suicide-sparks-hazmat-scene-south-end/da0IFfoxlNkIAWwHXzJ9TK/index.html

• Wildfires burned thousands of acres of national forest land in five Virginia counties April 9. – Waynesboro News Virginian

50. April 10, Waynesboro News Virginian – (Virginia) Wildfires a concern in Virginia, and in the valley. Waynesboro, Virginia, spent much of April 9 under a Red Flag Alert for forest fires because of conditions that included extreme dryness, high winds, and low humidity. A deputy Waynesboro fire chief said it was important for residents to be careful of any kind of outside fire because of the weather conditions. Meanwhile, April 9, wildfires were burning hundreds of acres of national forest land in five Virginia counties. Media outlets reported fires burned more than 1,100 acres in the George Washington-Jefferson National Forest in Botetourt, Craig, and Alleghany counties. Fire officials said at least 50 acres burned in Shenandoah County. A wildfire in Page County burned 621 acres. Authorities said the fires do not threaten any structures, and no injuries were reported. Several roads and trails were closed in the forest in Shenandoah County. The Potts Mountain Jeep Trail in Botetourt County also was closed. Source: http://www2.newsvirginian.com/news/2012/apr/10/wildfires-concern-virginia-and-valley-ar-1830082/

Details

Banking and Finance Sector

13. April 10, Reuters – (New York) President of First Class Equities pleads guilty to $66 million mortgage fraud. The president of a New York brokerage firm pleaded guilty April 9 to conspiracy in a $66 million mortgage fraud scheme. The president of First Class Equities pleaded guilty to one count of conspiracy to commit wire fraud and bank fraud in a New York federal court, the U.S. attorney’s office said. It said the former president and his firm recruited “straw buyers” — people who posed as home buyers to purchase distressed properties, but who had no intention of paying the mortgages. Instead, the bank loans to buy the properties were transferred to the president and his co-conspirators. Court papers said the Long Island-based firm ran the fraud from 2004 to 2009. The president was charged in August 2011, along with 13 others. Source: http://www.huffingtonpost.com/2012/04/09/gerard-canino-mortgage-fraud_n_1413697.html

14. April 10, FBI – (Minnesota) Federal jury convicts bank officer and customer in connection with multi-million-dollar check-kiting scheme. A federal jury found a former Minnesota bank officer and a bank customer guilty of fraud April 10. Their crimes were related to the customer’s multi-million-dollar check-kiting scheme and a loan scheme orchestrated in an effort to conceal the check-kiting from the bank’s board. The jury convicted the former president of Pinehurst Bank in St. Paul with five counts of misapplication of bank funds. The bank customer was convicted on two counts of bank fraud and one count of theft from an employee benefit plan. The bank’s former chief credit officer and senior vice president was acquitted on all counts. Evidence presented at trial showed that from March 6, 2009 through January 29, 2010, the former president concealed the customer’s check-kiting scheme by putting in place a series of fraudulent loans. The five loans, totaling $1.9 million, were issued to straw borrowers for the purpose of covering $1.85 million in overdrafts resulting from bad checks written by the customer as part of his check-kiting scheme. The customer kited increasingly larger-dollar bad checks between Pinehurst and another bank, not named in the charging documents, until late February 2009, when the second bank discovered the scheme and returned over $1.8 million in bad checks to Pinehurst. Source: http://7thspace.com/headlines/409853/federal_jury_convicts_bank_officer_and_customer_in_connection_with_multi_million_dollar_check_kiting_scheme.html

15. April 9, U.S. Securities and Exchange Commission – (California) SEC settles fraud charges against Silicon Valley man. The U.S. Securities and Exchange Commission (SEC) April 9 charged a San Jose, California man who raised millions for two Internet start-ups by falsely promising investors his companies were on the verge of undergoing successful initial public offerings (IPO). The SEC says he lured investors into Web-based start-ups hereUare, Inc. and eCity, Inc. by falsely telling them the firms would go public within a matter of months and generate millions in quick returns. In truth, he had no plans to take the companies public and relied solely on investor funds to stay in business. Ultimately, when investor funds ran out by the end of 2008, he was forced to shut down operations. According to the SEC’s complaint, he raised more than $6.2 million from investors for hereUare in 2007 and 2008, and raised $880,000 in investor funds for eCity in 2008. In presentations to prospective investors, he held himself out as a wealthy venture capitalist with prior IPO experience. He told prospective investors the companies had lucrative deals and patents, and that he had retained Goldman Sachs and an international law firm to help take the companies public within 6 months. According to the SEC, all of these representations were false. Source: http://www.sec.gov/news/press/2012/2012-57.htm

16. April 9, Darien Times – (Connecticut; Massachusetts; Rhode Island) ATM skimmer pleads guilty; Darien Police commended for work in case. The Connecticut U.S. Attorney’s Office specifically recognized the efforts of the Darien Police and other local departments for their assistance in the investigation and prosecution of a Turkish citizen who pleaded guilty April 9 to bank charges that involved automated teller machine skimming across three states. According to court documents and statements made in court, between February and July 2011, the defendant and others conspired to install skimming devices on automated teller machines at 11 banks and 1 credit union in Connecticut, Massachusetts, and Rhode Island. As a result of this scheme, more than 250 bank accounts were victimized, and financial institutions have suffered losses of about $336,057.64, according to the courts. Source: http://www.darientimes.com/news/darien-features/local-news/5002793.html

17. April 9, Asheville Citizen-Times – (North Carolina) Seven Falls developer, others indicted in Asheville on bank fraud charges. The developer of the stalled Seven Falls luxury community in Henderson County, North Carolina, and four other people were indicted on criminal charges they broke banking laws while trying to keep the project afloat, the Ashville Citizen-Times reported April 9. Bank of Asheville and Pisgah Community Bank made $4.6 million in loans to fake borrowers who then gave the money to participants to provide funds for Seven Falls or to benefit the participants directly, the indictment says. The scheme occurred from August 2006 to April 2010. In addition, the indictment says the developer stole more than $4 million from a fund set up by an Ohio investor to pay for roads and utilities in a Rutherford County development, Queens Gap, that he had an ownership interest in. He spent very little of the funds on Queens Gap and used the money instead to make payments on loans taken out as part of the scheme and for personal uses. According to the indictment, after obtaining a $25 million development loan, the Seven Falls Golf and River Club LLC sold about 70 lots at prices between $250,000 and $650,000. Sales stalled in 2008 and the developer and two accomplices generated money for the development by recruiting “straw” borrowers to borrow money to buy lots at Seven Falls. Straw buyers got kickbacks for their participation and loan settlement statements were falsified. The indictment says participants used loan proceeds in part to repay other loans that were coming due, for personal use, and to temporarily get troubled loans off bank books to evade detection by bank regulators. The indictment lists 21 counts of wire fraud, misapplication of bank funds, conspiracy to commit money laundering, and money laundering. Source: http://www.citizen-times.com/article/20120410/NEWS/304100006/Seven-Falls-builder-indicted?odyssey=tab|topnews|text|Frontpage

Information Technology

38. April 10, Bloomberg – (International) Anonymous blamed for attacks on technology group websites. Two technology trade associations said they were targeted by the hacker-activist group Anonymous as it singled out supporters of proposed legislation to improve U.S. cybersecurity. Anonymous claimed credit for denial-of-service assaults on the TechAmerica and USTelecom Web sites, according to the associations representing companies including IBM, Apple, and AT&T. Such offensives typically involve flooding a Web site with traffic, causing it to crash. The organizations said the attacks amount to reprisal for supporting the legislation, among cybersecurity bills under consideration by Congress, designed to encourage companies and government agencies to voluntarily share information about cyber threats. Users could not connect to the Web site for USTelecom, which represents telephone companies led by AT&T, Verizon, and CenturyLink, starting April 8 and the site was “up and down” April 9 as technicians worked to restore service, said a spokeswoman. The Web site of TechAmerica, whose members include IBM, Microsoft, and Apple, was not loading April 9. The attack began April 8 and the association was working April 9 to get the site back up, a TechAmerica spokeswoman said. The trade groups support cybersecurity legislation introduced by the chairman and ranking member of the House Intelligence Committee. Source: http://www.bloomberg.com/news/2012-04-09/anonymous-blamed-for-attacks-on-ustelecom-group-websites.html

39. April 10, U.S. Immigration and Customs Enforcement – (California; International) California man charged with trafficking counterfeit computer software. A Lakewood, California, man made his initial appearance in federal court April 9 following his arrest by U.S. Immigration and Customs Enforcement’s Homeland Security Investigations special agents for importing more than 1,000 counterfeit Microsoft Office CD-ROMs and selling them to unsuspecting customers over the Internet. The man is charged in a four-count federal indictment following the seizure of two shipments of Microsoft Office Professional Edition 2007 software CD-ROMs. Specifically, the indictment charges the man with two counts of trafficking counterfeit goods and two counts of smuggling. If convicted of all charges, he faces a maximum sentence of 60 years in federal prison. Source: http://www.claimsjournal.com/news/west/2012/04/10/204645.htm

40. April 9, Ars Technica – (International) Rise of ‘forever day’ bugs in industrial systems threatens critical infrastructure. The number of security holes that remain unpatched in software used to control refineries, factories, and other critical infrastructure is growing. These holes are becoming so common that security researchers have coined the term “forever days” to refer to the unfixed vulnerabilities, Ars Technica reported April 9. The latest forever day vulnerability was disclosed in robotics software marketed by ABB, a maker of industrial control systems for utilities and factories. According to an advisory issued the week of April 2 by the U.S. Cyber Emergency Response Team, the flaw in ABB WebWare Server will not be fixed even though it provides the means to remotely execute malicious code on computers that run the application. “Because these are legacy products nearing the end of their life cycle, ABB does not intend to patch these vulnerable components,” the advisory stated. The notice said the development of a working exploit would require only a medium skill level on the part of the attacker. Forever day is a play on “zero day,” a phrase used to classify vulnerabilities that come under attack before the responsible manufacturer has issued a patch. Also called iDays, or “infinite days” by some researchers, forever days refer to bugs that never get fixed — even when they are acknowledged by the company that developed the software. In some cases, rather than issuing a patch that plugs the hole, the software maker simply adds advice to user manuals showing how to work around the threat. Source: http://arstechnica.com/business/news/2012/04/rise-of-ics-forever-day-vulnerabiliities-threaten-critical-infrastructure.ars

Communications Sector

41. April 9, WEAU 13 Eau Claire – (Wisconsin; Michigan) Verizon explains outage. Verizon Wireless customers were out of luck in parts of Wisconsin and Michigan April 9, waiting for service. A Verizon statement explained the outage: “Due to a network issue impacting our switch operations in the Appleton/Green Bay area, customers in northern Wisconsin and Upper Michigan experienced a disruption in voice and text messaging service from approximately 12:45 – 3 p.m. central time [April 9]. Data services were also temporarily impacted as operations were restored. Verizon is working diligently to identify the root cause of the issue.” Source: http://www.weau.com/news/headlines/146713415.html

For more stories, see item 38 above in the Information Technology Sector

No comments: