Monday, March 25, 2013
Complete DHS Daily Report for March 25, 2013
Daily Report
Top Stories
• DHS and ICS-CERT advised the energy, oil, water, and chemical industries to apply a patch to certain Siemens industrial control software that addresses a previously found vulnerability. – Threatpost
1. March 21, Threatpost – (National) DHS, ICS-CERT warn of Siemens HMI vulnerabilities. DHS and the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) advised the energy, oil, water, and chemical industries to use the newly patched Siemens industrial control software that addresses a previously found vulnerability. Source: http://threatpost.com/en_us/blogs/dhs-ics-cert-warn-siemens-hmi-vulnerabilities-032113
• The brother of the Galleon Group founder found guilty of insider trading was indicted for allegedly being part of his brother’s insider trading ring. – New York Times
See item 6 below in the Banking and Finance Sector
• Authorities issued a lockdown of Marine Corps Base Quantico while searching for a marine that shot and killed two fellow marines. Officials lifted the lockdown after they found the suspect dead in an apparent suicide. – CNN
18. March 22, CNN – (Virginia) ‘A long night’ at marine base; 3 dead in shooting. Authorities issued a lockdown of the Marine Corps base in Quantico while searching for a marine that shot and killed two fellow marines on base. Officials lifted the lockdown after they found the marine in his room, dead from a self-inflicted gunshot wound. Source: http://www.cnn.com/2013/03/22/us/virginia-quantico-shooting/index.html
• A report claimed a Washington, D.C. ambulance and 2 medic units were within a 4-mile radius of an officer that was struck and severely injured, but did not respond because fire stations failed to properly monitor for emergency calls. – WRC 4 Washington, D.C.
24. March 21, WRC 4 Washington, D.C. – (District of Columbia) Report: 3 ambulances improperly out of service when D.C. police officer was struck. A March 21 report by the deputy mayor for public safety claimed a Washington, D.C. ambulance and 2 medic units were within a 4-mile radius of an officer that was struck and severely injured March 5, but did not respond to the scene. The report alleges the fire stations failed to properly monitor for emergency calls. Source: http://www.nbcwashington.com/news/local/Report-3-Ambulances-Improperly-Out-of-Service-When-DC-Police-Officer-Was-Struck-199444121.html
Details
Banking and Finance Sector
5. March 22, Softpedia – (International) Website and mobile banking service of TD Bank disrupted by DDOS attack. Canada-based Toronto-Dominion (TD) Bank experienced service interruptions to its Web site and mobile banking services caused by a distributed denial of service (DDoS) attack March 21. Source: http://news.softpedia.com/news/Website-and-Mobile-Banking-Service-of-TD-Bank-Disrupted-by-DDOS-Attack-339532.shtml
6. March 21, New York Times – (New York) Brother of Galleon Group founder is indicted on insider trading charges. The brother of the Galleon Group founder found guilty of insider trading was indicted for allegedly being part of his brother’s insider trading ring. Source: http://dealbook.nytimes.com/2013/03/21/prosecutors-weigh-insider-trading-charges-against-raj-rajaratnams-brother/
7. March 20, Santa Rosa Press Democrat – (California) FBI seeks ‘Hoodie Bandit’ suspected in Sonoma County bank robberies. The FBI released photos of the suspect known as the “Hoodie Bandit”, suspected of robbing three banks in Santa Rosa and Rohnert Park in February. Source: http://www.pressdemocrat.com/article/20130320/ARTICLES/130329955/1308/news?Title=FBI-seeks-Hoodie-Bandit-suspected-in-Sonoma-County-bank-robberies&tc=ar
Information Technology Sector
25. March 22, Softpedia – (International) Yahoo, LinkedIn, Twitter accounts vulnerable to session fixation attacks. A security researcher identified a vulnerability that could allow cybercriminals to launch session fixation attacks and gain access to users’ accounts. Source: http://news.softpedia.com/news/Yahoo-LinkedIn-Twitter-Accounts-Vulnerable-to-Session-Fixation-Attacks-Video-339448.shtml
26. March 22, IDG News Service – (International) Google Drive hit by three outages this week. Google Drive experienced three service interruptions the week of March 18, preventing users from accessing files during the interruptions. Source: http://www.computerworld.com/s/article/9237831/Google_Drive_hit_by_three_outages_this_week
27. March 22, Softpedia – (International) Security hole in control panels of UK registrars led to domain hijacking. About 300 domains were stolen from U.K. registrar 123-Reg by attackers exploiting a vulnerability in the service’s Web hosting control panel that allowed users with an account to access other accounts. Source: http://news.softpedia.com/news/Security-Hole-in-Control-Panels-of-UK-Registrars-Led-to-Domain-Hijacking-339475.shtml
28. March 22, Softpedia – (International) PyCon incident: Two people fired, DDOS attack launched against SendGrid site. SendGrid’s Web site was targeted by a distributed denial of service (DDoS) attack after an incident by a former employee at a conference drew the attention of social media users and a self-professed Anonymous group. Source: http://news.softpedia.com/news/PyCon-Incident-Two-People-Fired-DDOS-Attack-Launched-Against-SendGrid-Site-339407.shtml
Communications Sector
29. March 21, Richmond Times-Dispatch – (Virginia) 3 area TV stations experiencing antenna problem. A March 6 problem with a shared antenna in the Richmond area left WCVW, WRIC, and WRLH television stations unavailable to some of their viewers. The problem affects those who receive their television “over-the-air” instead of through cable or satellite. Source: http://www.timesdispatch.com/business/local/companies/area-tv-stations-experiencing-antenna-problem/article_ebd285d1-40e0-5fc6-a19b-97dbf567fb68.html
30. March 21, New Orleans Times-Picayune – (Louisiana) Super Bowl blackout report blames electric relay device, cites poor communication. A March 21 report on the 2012 Super Bowl blackout blamed the outage on a mis-operation of a relay device that was part of an electric switchgear near the stadium. The device’s settings were within recommended default settings, but poor communication between the manufacturer and the stadium prevented the device’s set-up from aligning with the stadium’s specific fuse requirements. Source: http://www.nola.com/business/index.ssf/2013/03/analysis_of_super_bowl_blackou.html
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit their Web page at www.us-cert.gov.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.