Wednesday, March 20, 2013
Complete DHS Daily Report for March 20, 2013
• About 103,000 Alabama Power customers were still without electricity after a severe storm knocked out power in locations across the State. – Associated Press
1. March 19, Associated Press – (Alabama) More than 100,000 still without power after storms. About 103,000 Alabama Power customers were still without electricity after a severe storm knocked out power in locations across the State. Source: http://www.wdef.com/news/state/story/More-than-100-000-still-without-power-after-storms/xeqHXgn8qEuFczcTvE0_9g.cspx
• A former defense contractor was sentenced to prison for purchasing pirated software from Russian and Chinese hackers and using it to design components for military helicopters. – IDG News Service
6. March 18, IDG News Service – (International) US defense scientist bought pirated software from Russians, Chinese, DOJ says. A former defense contractor was sentenced to prison for purchasing pirated software from Russian and Chinese hackers and using it to design components for military helicopters. The former contractor paid $6,000 to purchase modeling and design software which has a retail value of more than $2.3 million. Source: http://www.networkworld.com/news/2013/031913-us-defense-scientist-bought-pirated-267830.html
• A Web site that recently exposed the personal information of celebrities and public figures by stealing credit report information appears to be linked to the use of the Zeus banking malware – IDG News Service See item 9 below in the Banking and Finance Sector
• Mandatory water restrictions were set in place by the Washington Suburban Sanitary Commission after a massive March 18 water main break in a 54-inch water main shut down traffic along a major corridor. – WTTG 5 Washington D.C.
17. March 19, WTTG 5 Washington, D.C. – (District of Columbia) Chevy Chase water main break causes delays; mandatory water restrictions in place. Mandatory water restrictions were set in place by the Washington Suburban Sanitary Commission to its residential and business customers after a massive March 18 water main break in a 54-inch water main shut down traffic along a major corridor. Repairs were delayed by loss of power from a tree which fell on electrical lines near the work area, temporarily halting progress. Source: http://www.myfoxdc.com/story/21678346/chevy-chase-water-main-break-causes-delays-mandatory-water-restrictions-in-place#axzz2NzTN1oZF
Banking and Finance Sector
7. March 19, Associated Press – (National) Citigroup to pay $730 million to settle lawsuit. Citigroup agreed to settle a class action lawsuit by investors claiming they were misled in the purchase of debt and preferred stock, and agreed to pay $730 million. Source: http://www.philly.com/philly/business/20130319_ap_citigrouptopay730milliontosettlelawsuit.html
8. March 19, IDG News Service – (International) JPMorgan Chase customers see zero balances after technical glitch. JPMorgan Chase reported that it experienced a technical problem March 18 that caused customers to see balances of zero in the online and mobile bank services. Source: http://www.networkworld.com/news/2013/031913-jpmorgan-chase-customers-see-zero-267838.html
9. March 18, IDG News Service – (International) Credit report breach has link to Zeus banking malware. A Web site that recently exposed the personal information of celebrities and public figures by stealing credit report information appears to be linked to the use of the Zeus banking malware and to domains used in past cybercrime campaigns. Source: http://www.csoonline.com/article/730446/credit-report-breach-has-link-to-zeus-banking-malware
10. March 18, Portland Oregonian – (Oregon) FBI seeks info on ‘Tall Man’ bandit, who hit sixth bank today in Eugene. The FBI offered a reward for information about the “Tall Man Bandit” suspect who has robbed six bank branches in the Eugene area since February 14. Source: http://www.oregonlive.com/pacific-northwest-news/index.ssf/2013/03/fbi_seeks_info_on_tall_man_ban.html
11. March 18, Minneapolis Star Tribune – (Minnesota) First of two defendants convicted in Twin Cities credit-card skimming case. One of two suspects in a skimming scheme that placed skimmers inside several Twin Cities’ gas pumps and stole the card information of more than 450 people was convicted March 18. Source: http://www.startribune.com/local/minneapolis/198884531.html
Information Technology Sector
28. March 18, CNET News – (International) What 420,000 insecure devices reveal about Web security. A researcher using simple techniques to take over unsecured devices left exposed to the Internet, created a benign botnet to demonstrate how many personal and industrial computer systems are easily exploitable. Source: http://news.cnet.com/8301-1009_3-57574919-83/what-420000-insecure-devices-reveal-about-web-security/
29. March 18, IDG News Service – (International) Internal-use SSL certificates pose security risk for upcoming domain extensions. An advisory by the Internet Corporation for Assigned Names and Numbers (ICANN) stated that issuing secure socket layer (SSL) certificates for internal domain names could lead to privacy and integrity concerns for HTTPS communications and new generic top-level domains (gTLD). Source: http://www.computerworld.com/s/article/9237678/Internal_use_SSL_certificates_pose_security_risk_for_upcoming_domain_extensions
30. March 18, Computerworld – (International) Google Drive suffers outage Monday morning. Users experienced problems accessing files stored on Google Drive for several hours March 18. Source: http://www.networkworld.com/news/2013/031813-google-drive-suffers-outage-monday-267812.html
31. March 18, Threatpost – (International) Flaw leaves EA Origin platform users open to attack. Researchers discovered a vulnerability in Electronic Arts’s (EA) Origin gaming platform that could allow attackers to run malicious code on users’ computers. Source: http://threatpost.com/en_us/blogs/flaw-leaves-ea-origin-platform-users-open-attack-031813
32. March 19, San Antonio Express-News– (Texas) Fire knocks WOAI-TV off the air. A March 19 fire knocked WOAI-TV San Antonio off the air and force the building’s evacuation. The fire was contained to the 2 floor offices of the building. Source: http://www.mysanantonio.com/news/local_news/article/Fire-knocks-WOAI-TV-off-the-air-4366143.php
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to email@example.com or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to firstname.lastname@example.org.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at email@example.com or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at firstname.lastname@example.org or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.