Tuesday, July 2, 2013





Daily Report

Top Stories

 • Four individuals were indicted on various charges for allegedly running a fraudulent health insurance scam that defrauded more than 17,000 victims of $28 million. – Nashville Tennessean See item 6 below in the Banking and Finance Sector

 • Nineteen firefighters were killed battling a wildfire near Yarnell, Arizona, that burned at least 2,000 acres and destroyed 200 homes. – Associated Press

27. July 1, Associated Press – (Arizona) 19 firefighters killed battling Arizona wildfire. Nineteen firefighters were killed battling a wildfire near Yarnell, Arizona, that burned at least 2,000 acres and destroyed 200 homes June 30. Hundreds of residents were evacuated as authorities closed parts of State Route 89. Source: http://news.msn.com/us/19-firefighters-killed-battling-arizona-wildfire

  Crews reached two percent containment of the West Fork fire complex that burned 95,775 acres on the west side of Wolf Creek Pass, Colorado. – Denver Post (See item 31)

31. June 29, Denver Post – (Colorado) West Fork fire complex at 95,775 acres; lightning causes new fires. Crews reached two percent containment of the West Fork fire complex that burned 95,775 acres on the west side of Wolf Creek Pass. Evacuation orders were lifted in the area as firefighters continued battling several other wildfires throughout the State. Source: http://www.denverpost.com/breakingnews/ci_23567378/west-fork-fire-complex-91000-acres-south-fork-residents-return.html

  A report by ICS-CERT detailed attempted cyberattacks on industrial control systems for the first half of 2013, with the energy sector being the most targeted. – Softpedia See item 42 below in the Information Technology Sector

Details

Banking and Finance Sector

6. June 28, Nashville Tennessean – (National) Businessman, 3 others face criminal charges in bogus insurance scam. Four individuals were indicted on various charges for allegedly running a fraudulent health insurance scam based in Springfield, Tennessee, that defrauded more than 17,000 victims across the country of $28 million. Source: http://www.tennessean.com/article/20130628/BUSINESS01/306280082/Bart-Posey-3-others-face-criminal-charges-bogus-insurance-scam

7. June 28, Pittsburgh Post-Gazette – (Pennsylvania) East Liberty man pleads guilty to bank fraud of tech billionaire. A Pittsburgh man pleaded guilty to impersonating a Microsoft co-founder over the phone to Citibank, which allowed him to gain access to the co-founder’s bank account and attempt to obtain $1.6 million. The man obtained the necessary information from basic Internet searches. Source: http://www.post-gazette.com/stories/local/neighborhoods-city/awol-army-private-pleads-guilty-to-fraud-after-getting-debit-card-of-microsoft-co-founder-paul-allen-693396/

8. June 28, New York State Attorney General’s Office – (New York) N.Y. Attorney General announces conviction in multi-million dollar insurance scheme. A man pleaded guilty to money laundering and fraud charges for filing fake bills that defrauded insurance companies of more than $8 million between 2006 and 2010 in Kings County and elsewhere. Source: http://www.insurancejournal.com/news/east/2013/06/28/297171.htm

9. June 27, Associated Press – (Missouri) 2 plead guilty in counterfeit credit card scheme. Two men pleaded guilty to running a counterfeit credit card scheme that made fraudulent purchases in Perryville after the men were found with more than 100 fraudulent credit cards as well as card reading and writing equipment. Source: http://baltimore.cbslocal.com/2013/06/27/2-plead-guilty-in-counterfeit-credit-card-scheme/

Information Technology Sector

36. July 1, Softpedia – (International) Android hack tools designed to automatically steal information from PCs. F-Secure researchers discovered an Android hack tool identified as Hack-Tool:Android/UsbCleaver.A that, once installed on an Android device, collects information from any Windows computer the device is connected to. Source: http://news.softpedia.com/news/Android-Hack-Tools-Designed-to-Automatically-Steal-Information-from-PCs-364586.shtml

37. July 1, IDG News Service – (International) Two malware programs help each other stay on computers. Researchers at Microsoft identified a symbiotic relationship between the Vobfus and Beebone malware where each program downloads variants of the other, making both resilient to antivirus programs. Source: https://www.computerworld.com/s/article/9240470/Two_malware_programs_help_each_other_stay_on_computers

38. July 1, Softpedia – (International) Experts warn of unpatched backdoor in Atlassian Crowd authentication service. Command Five issued an advisory warning users of the Atlassian Crowd authentication service to update their installations immediately after an exploit that allows unauthorized file retrieval and denial of service attacks was published. Source: http://news.softpedia.com/news/Experts-Warn-of-Unpatched-Backdoor-in-Atlassian-Crowd-Authentication-Service-364567.shtml

39. July 1, The Register – (International) Win 8 user? Thought that was a CAPTCHA? R is for ruh roh. A security researcher created a proof-of-concept keyjacking technique that could be used to run malicious code by disguising a “run executable” dialogue box within a CAPTCHA challenge. The technique works in Internet Explorer (IE) 9 and 10 for Windows 7 and Chrome in Windows 8. Source: http://www.theregister.co.uk/2013/07/01/keyjacking_attack_targets_letter_r_captchas/

40. July 1, Softpedia – (International) CNN’s Political Ticker hacked, fake Bitcoin operator story published. CNN’s Political Ticker blog was hacked and used to post a fake story about the shutdown of Bitcoin operator Btc-e.com after a user’s third party publishing platform credentials were compromised. Source: http://news.softpedia.com/news/CNN-s-Political-Ticker-Blog-Hacked-Fake-Bitcoin-Operator-Story-Published-364494.shtml

41. June 30, Reuters – (Arizona) Gas leak at Intel Arizona plant sickens 43, sends 11 to hospital. A nitrogen triflouride leak at an Intel silicon wafer manufacturing plant in Chandler sickened up to 43 people, with 11 taken to a hospital after the building was evacuated June 30. Source: http://www.bizjournals.com/sanjose/news/2013/06/30/gas-leak-at-intel-plant-sickens-43.html

42. June 30, Softpedia – (International) ICS-CERT warns of brute-force attacks against critical infrastructure control systems. A report by the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) detailed attempted cyberattacks on industrial control systems for the first half of 2013, with the energy sector being the most targeted, among other findings. Source: http://news.softpedia.com/news/ICS-CERT-Warns-of-Brute-Force-Attacks-Against-Critical-Infrastructure-Control-Systems-364266.shtml
Communications Sector
Nothing to report


Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.