Wednesday, April 24, 2013
Complete DHS Daily Report for April 24, 2013
• The U.S. Environmental Protection Agency reached a settlement with Wisconsin Power & Light Co. and other utilities to spend $1.2 billion to clean up coal-fired plants and shut down older plants. – Milwaukee Journal Sentinel
1. April 22, Milwaukee Journal Sentinel – (Wisconsin) EPA settles with Wisconsin utilities on coal plant air pollution. The U.S. Environmental Protection Agency reached a settlement with Wisconsin Power & Light Co. and 3 other utilities to spend $1.2 billion to clean up coal-fired plants and shut down older plants. The agency proclaimed the utilities failed to comply with the Clean Air Act by not installing modern pollution controls when upgrading their power plants. Source: http://www.jsonline.com/business/epa-settles-with-wisconsin-utilities-on-coal-plant-air-pollution-1p9lo5u-204201561.html
• A suspect known as the “Merrimack Valley Bandit,” believed to have robbed a bank in Maine, is suspected of 13 other robberies in Massachusetts. – North Andover Eagle Tribune See item 7 below in the Banking and Finance Sector
• A nationwide test of the Emergency Alert System will air April 23 in the first ever case of testing the system. – KRXI 11 Reno
32. April 22, KRXI 11 Reno – (National) First-ever nationwide test of the Emergency Alert System to occur tomorrow. A nationwide test of the Emergency Alert System will air April 23 in what the Federal Emergency Management Agency, along with their federal, State, and local partners call the first ever case of testing the system. Source: http://www.foxreno.com/news/news/national/first-ever-nationwide-test-emergency-alert-system-/nXSwz/
• A man was charged with threatening to use a weapon of mass destruction, terroristic threats, and risking a catastrophe after his bomb-related comments caused a bomb scare at a mall in Pittsburgh. – WPIX 11 Pittsburgh
43. April 22, WPXI 11 Pittsburgh – (Pennsylvania) Man accused of making bomb threat at South Hills Village mall. A man was charged with threatening to use a weapon of mass destruction, terroristic threats, and risking a catastrophe after his bomb-related comments caused a bomb scare at the South Hills Village mall in Pittsburgh. Several employees and customers were forced to wait on the outskirts of a parking lot while the Allegheny County Bomb Squad investigated the man’s bags. Source: http://www.wpxi.com/news/news/south-hills-village-theater-evacuated-after-threat/nXST4/
Banking and Finance Sector
7. April 23, North Andover Eagle Tribune – (Maine; Massachusetts) Bandit suspected in 14th robbery after York, Maine bank heist. A suspect known as the “Merrimack Valley Bandit” was believed to have robbed a Bangor Savings bank in York, Maine, April 23, and is suspected of 13 other robberies in Massachusetts. Source: http://www.eagletribune.com/local/x210921831/Bandit-suspected-in-14th-robbery-after-York-Maine-bank-heist
Information Technology Sector
35. April 23, Help Net Security – (International) Wireless hack attacks target critical infrastructure. Network control systems for critical infrastructure are vulnerable to attacks carried out over Software Defined Radio (SDR), according to Digital Assurance. Proprietary wireless technologies in control devices may allow network access and networks will grow more vulnerable as more smart meters are installed. Source: http://www.net-security.org/secworld.php?id=14795
36. April 23, eWeek – (International) Cyber attacks growing more sophisticated, targeting IT firms. A report by FireEye found several trends in cyberattacks, including the heavy use of command and control hubs, technology organizations being among the most common targets, and that most advanced persistent threat (APT) attacks are in some way associated with Chinese groups. Source: http://www.eweek.com/small-business/cyber-attacks-growing-more-sophisticated-targeting-it-firms/
37. April 23, Softpedia – (International) Viber flaw allows hackers to bypass Android smartphone lock screens. Researchers at Bkav identified a vulnerability in the Viber phone and texting application that could allow attackers to bypass the lock screen on Android smartphones, enabling full access to the device. Source: http://news.softpedia.com/news/Viber-Flaw-Allows-Hackers-to-Bypass-Android-Smartphone-Lock-Screens-Video-347763.shtml
38. April 23, Help Net Security – (International) Researchers discover more BadNews on Google Play. The BadNews malware for Android was again found in the Google Play store after Google removed other instances of it April 22. The malware steals users’ device information and tricks them into downloading other malicious apps. Source: http://www.net-security.org/malware_news.php?id=2475
39. April 22, SC Magazine – (International) Java 8 release pushed back due to security concerns. Oracle pushed back the planned release of Java 8 from September to the first quarter of 2014 to deal with security issues. Source: http://www.scmagazine.com/java-8-release-pushed-back-due-to-security-concerns/article/289994/
40. April 22, Dark Reading – (International) Report: DDoS attacks getting bigger, faster than ever. Arbor Networks’ first quarter ATLAS report found that the average speed of distributed denial of service (DDoS) attacks grew to about 1.77 Gbps, and that large attacks exceeding 10 Gbps are increasing. Source: http://www.darkreading.com/perimeter/report-ddos-attacks-getting-bigger-faste/240153399
41. April 22, Associated Press – (Alabama) Signal outage takes ALA television station off air. An April 21 disruption of WIAT-TV 42 Birmingham remained under investigation as technicians worked to restore service to affected DirecTV, Dish network, and other cable system customers. Source: http://www.fox17.com/template/inews_wire/wires.regional.al/2fee94ee-www.fox17.com.shtml
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to email@example.com or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to firstname.lastname@example.org.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at email@example.com or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at firstname.lastname@example.org or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.