Friday, January 13, 2012

Complete DHS Daily Report for January 13, 2012

Daily Report

Top Stories

• Fifty people were accused of conspiring to sell the identities of hundreds of Puerto Ricans to undocumented immigrants on the U.S. mainland in the largest single fraud case ever for U.S. Immigration and Customs Enforcement. – Fox News Latino; Associated Press. See item 13 below in the Banking and Finance Sector

• At least 12 people in the United States are believed to have been infected with a new strain of swine flu that is not covered by this season’s vaccine and has the potential for human-to-human transmission. – U.S. News and World Report (See item 27)

27. January 11, U.S. News and World Report – (National) 12 infected with new swine flu strain. At least 12 people are believed to have been infected with a new strain of swine flu that is not covered by this season’s vaccine, U.S. News and World Report reported January 11. The new swine flu strain, H3N2v, has shown at least some potential for human-to-human transmission in those 12 individuals, which makes it especially dangerous. The 12 people with the new swine flu strain live in Indiana, Iowa, Maine, Pennsylvania, and West Virginia. Officials for the Centers for Disease Control said the sample size of H3N2 infections is too small to know whether it will pose a threat to the population at large. H3N2v or another new flu strain could disrupt what CDC officials expected to be a relatively quiet flu season. While it is too early to tell if the new H3N2 strain (or another unexpected strain) will develop into a larger threat, the CDC admits the current vaccine will do little to help stop the virus. Source: http://www.usnews.com/news/articles/2012/01/11/12-infected-with-new-swine-flu-strain

Details

Banking and Finance Sector

11. January 12, Wausau Daily Herald – (Wisconsin) Manson Insurance officials ordered to pay $5.2M to fraud victims. Two former Manson Insurance officials must pay a total of $5.2 million restitution they scammed from customers, according to a ruling issued the week of January 9 in a Wisconsin federal court. The list of about 700 Manson victims in line to collect restitution is a who’s who of Wausau-area businesses and organizations, including the Wausau Area Hmong Mutual Association, Award Hardwood Floors, the Grand Theater Foundation, and Kolbe & Kolbe Millwork Co., according to federal court documents filed January 9. Manson’s former chief executive officer (CEO) was sentenced in October to 5 years in prison, and the company’s former treasurer was sentenced in December to 6 months in prison. The CEO was accused of forging customer signatures on loans to finance phony insurance premiums, embezzling credits from insurance companies, and fraudulently billing customers. The schemes cost more than 700 customers $9.7 million, according to court documents. An assistant U.S. attorney said January 11 the $5.2 million restitution was determined after some customers were repaid or the losses were forgiven. A third suspect, Manson’s former president, remains under investigation but has not been charged for his role in the schemes, the attorney said. Source: http://www.wausaudailyherald.com/article/20120112/WDH0101/201120474/Manson-Insurance-officials-ordered-pay-5-2M-fraud-victims?odyssey=tab|topnews|text|FRONTPAGE

12. January 12, Orlando Sentinel – (Florida) Major ID theft ring dismantled after thousands of credit cards, licenses seized from Apopka home. A major identity theft ring in central Florida was busted by Apopka police after a 2-week investigation that started with a burglar alarm, officials said January 11. The Apopka police chief and the assistant commissioner of the Florida Department of Law Enforcement (FDLE), revealed details of the cyber-crime case in a neighborhood of large homes. About 1,000 stolen Florida driver licenses and 1,000 stolen credit cards were seized from a rented home filled with property bought online with stolen identities. That property included an 8-inch stack of gift cards, and 200 pairs of high-end shoes that were still in boxes. An Apopka SWAT team arrested the suspects January 10 when serving a search warrant at the house. Three handguns were found in the house, along with at least six laptops used to order items with the stolen credit cards. The investigation has been turned over to FDLE’s Cyber Crimes Investigation Unit, which will examine all of the records and other communications in the seized laptops. The case started 2 weeks ago when police answered a burglar alarm at the house. Neighbors complained about frequent visitors, parties, and loud cars speeding on the street. Source: http://www.palmbeachpost.com/news/major-id-theft-ring-dismantled-after-thousands-of-2097540.html

13. January 12, Fox News Latino; Associated Press – (National) ICE takes down mega fake I.D. ring in Puerto Rico. Fifty people were accused of conspiring to sell the identities of hundreds of Puerto Ricans to undocumented immigrants on the U.S. mainland in the largest single fraud case ever for U.S. Immigration and Customs Enforcement (ICE), authorities said January 11. Hundreds of birth certificates, Social Security numbers, and driver’s licenses were sold for up to $2,500 a set as part of a black market ring based in Puerto Rico that operated from since at least April 2009, the ICE director said. “The vast majority were legitimate documents obtained by fraudulent or false means,” he said. The alleged ring consisted of suppliers, runners, and brokers, who made coded phone calls asking for “skirts” for female customers and “pants” for male customers in specific “sizes,” which referred to ages and identities sought, the ICE noted. The documents would be sent through priority or express mail from Puerto Rico to brokers that operated in at least 15 states including Ohio, Texas, Florida, and North Carolina, officials said. The U.S. Assistant Attorney General said suppliers even allegedly offered to exchange documents if customers were not satisfied, adding he did not know how much money was made overall. About 80 percent of the documents involved were sold by Puerto Ricans whose names were on them, officials said. Those documents often were then used to apply for a driver’s license or a U.S. passport or to commit financial fraud. The ICE director said another 20 arrest warrants were issued January 11 in separate but similar cases, with 61 of 70 suspects either arrested or whose surrender was arranged. The investigation began with a tip from police in Illinois, which led to a nearly 2-year undercover operation called “Island Express.” The 50 suspects were indicted by a federal grand jury December 29 on one charge each of conspiracy to commit identification fraud. Source: http://latino.foxnews.com/latino/news/2012/01/12/ice-take-down-largest-black-market-id-ring-in-puerto-rico/

14. January 11, WAFB 9 Baton Rouge – (Louisiana) Man creates fake checks totaling over $18M, sent to prison. A Baton Rouge, Louisiana, man was found guilty of multiple bank fraud charges following a jury trial and was sentenced to 90 months imprisonment and forfeiture of various assets, WAFB 9 Baton Rouge reported January 11. The suspect was arrested on federal charges in March 2010 by Special Agents with the U.S. Treasury Department and FBI. The defendant manufactured fraudulent checks and money orders totaling over $18 million for the purpose of selling them to others and for his personal use, including obtaining numerous vehicles. He earned over $400,000 from his illegal venture, while defrauding the Internal Revenue Service of hundreds of thousands of dollars in unpaid taxes and penalties. Source: http://www.wafb.com/story/16499670/man-creates-fake-checks-totalling-over-18m-sent-to-prison

Information Technology

38. January 11, Government Computer News – (International) Internet set for ‘most significant’ domain expansion in history. The Internet Corporation for Assigned Names and Numbers (ICANN) will begin accepting applications for new generic Top Level Domain names January 13. The ICANN, the nonprofit corporation that oversees the Internet’s Domain Name System, is moving ahead with the expansion despite concerns it poses a threat to organizations that could be forced to spend large amounts to defensively register domain names to protect trademarks and other intellectual property. Some legislators and other U.S. officials have called for a delay in the program to address these concerns. Source: http://gcn.com/articles/2012/01/11/icann-ready-top-level-domain-expansion-gtlds.aspx

39. January 11, The Register – (International) Mozilla deploys Firefox safety net for corporate mindreaders. Mozilla has pledged to update old versions of Firefox with security fixes, granting enterprises extra time to test and deploy major upgrades of the browser safe in the knowledge that vulnerabilities in existing installations will be patched. It is unclear which builds will fall onto Mozilla’s safety net, however, so IT departments are more or less left to bet on running the right versions on their corporate machines. Announced January 10, the Firefox Extended Support Release (ESR) will maintain builds of desktop Firefox for a period of 54 weeks, covering nine full releases of Mozilla’s browser, the non-profit said. Each ESR will be updated with point releases that will be limited to what Mozilla called “high-risk/impact security vulnerabilities” — those risks considered “critical” and “high.” Functional enhancements and stability fixes in new point releases will not be back ported. Source: http://www.theregister.co.uk/2012/01/11/mozilla_firefox_extended_support/

40. January 11, H Security – (International) Wireshark 1.4.x and 1.6.x updates close security holes. Versions 1.4.11 and 1.6.5 of the open source Wireshark network protocol analyzer have been released, fixing bugs and closing holes found in the previous builds. The maintenance and security updates to the cross-platform tool fix several vulnerabilities that could be exploited by an attacker to cause a denial-of-service or compromise a victim’s system. The vulnerabilities include a NULL pointer deference error when displaying packet information, issues in the file parser that cause Wireshark to fail to properly check record sizes for many packet-capture formats, and an RLC dissector buffer overflow bug. Versions 1.4.0 to 1.4.10 and 1.6.0 to 1.6.4 are affected; upgrading to the new releases fixes these issues. Source: http://www.h-online.com/security/news/item/Wireshark-1-4-x-and-1-6-x-updates-close-security-holes-1407576.html

For another story, see item 42 below in the Communications Sector

Communications Sector

41. January 12, Cape Cod Times – (Massachusetts) Verizon restores phone service in Truro. A land-line telephone outage that kept Truro Town Hall and many others in the Massachusetts town incommunicado for the entire day January 10 was resolved after nearly 13 hours, a Verizon spokesman said. The outage affected at least 200 Verizon land-line customers in Truro and was attributed to a problem in the company’s central office in Wellfleet, the spokesman said. Verizon received about 60 reports as a result of the problem. “We had technicians in the field this morning testing and verifying, and I have not heard there have been any issues with the restoral,” the spokesman said January 11. Source: http://www.capecodonline.com/apps/pbcs.dll/article?AID=/20120112/NEWS/201120318/-1/NEWSMAP

42. January 11, The Register – (International) T-Mobile ‘fesses up to secure email ban gaffe. T-Mobile was caught blocking the secure transmission of e-mails earlier in January, and VPNs too, but the operator claims the former was a mistake while the latter is a legacy from a bygone era, The Register reported January 11. The problem turned up around the end of December when some people found T-Mobile was responding to all encrypted SMTP connections, other than to its own servers, with a reset (RST) packet. That was then compounded into conspiracy when a user realized his Virtual Private Network connections were not being let though either, which turns out to be an unrelated and unfixed issue. T-Mobile employs many techniques to make sending spam over its network difficult, including blocking connections made to arbitrary SMTP mail servers. Secure connections, which are then generally authenticated with a name and password, are permitted as they are useless to spammers, but for a week or two T-Mobile’s network was rejecting secure connections as well as the insecure ones. On T-Mobile’s network, secure SMTP should work, and for most people VPNs should work too, but a failing VPN is probably down due to an old contract. Source: http://www.theregister.co.uk/2012/01/11/t_mobile_security/

43. January 11, WHNS 21 Greenville – (South Carolina; North Carolina; Georgia) WHNS broadcasting again after lightning strike, fire. WHNS 21 Greenville was once again broadcasting over its main transmitter in South Carolina January 11 after a lightning strike and subsequent fire took it off the air earlier in the day. Engineers said a lightning strike traveled into the transmitter house on a phone line, which caused a fire and damaged equipment necessary to broadcast a signal about 1 p.m. By 7 p.m., the transmitter was broadcasting again. Source: http://www.foxcarolina.com/story/16497730/whns-transmitter-out-until-tonight-for-some-viewers