Tuesday, August 4, 2015
Complete DHS Report for August 4, 2015
· A line of thunderstorms in southeastern Michigan cut power to approximately 92,000 DTE Energy customers August 2 and 63,000 customers remained without service August 3 while crews worked to restore service by August 4. – Detroit News
1. August 3, Detroit News – (Michigan) Storms pummel state, produce tornado. A line of thunderstorms in southeastern Michigan cut power to approximately 92,000 DTE Energy customers August 2 and 63,000 customers remained without service August 3 while crews worked to restore service by August 4. The storm caused flooding which prompted the closure of the northbound Interstate 75 ramp at Interstate 94 in Detroit and the southbound Interstate 75 ramp to eastbound Interstate 94.
· Indiana Officials announced that an estimated 1.5 million State residents and 3.9 million individuals from 11 healthcare providers and 44 radiology clinics nationwide may have been impacted by a May breach of Medical Informatics Engineering and its subsidiary NoMoreClipboard’s networks. – Softpedia
19. August 3, Softpedia – (National) Data of 4 million patients lost in MIE hacking. The Indiana Attorney General announced that an estimated 1.5 million State residents and 3.9 million individuals from 11 healthcare providers and 44 radiology clinics nationwide may have been impacted by a May breach of Medical Informatics Engineering and its subsidiary NoMoreClipboard’s networks. Officials continue to investigate the attack, which allowed hackers to gain access to patients’ personal and medical information.
· Crews continued to work August 3 to contain at least 21 wildfires in California including the 54,000-acre Rocky Fire stretching across 3 counties that threatens over 12,100 individuals and more than 5,100 structures. – CNN
23. August 3, CNN – (California) California wildfires torch 134,000 acres – and counting. Crews continued to work August 3 to contain at least 21 wildfires in California including the 54,000-acre Rocky Fire stretching across 3 counties that threatens over 12,100 individuals and more than 5,100 structures. The wildfires have collectively burned over 134,000 acres across the State, causing the governor to declare a state of emergency July 31.
· Walmart, Sears, and Amazon agreed to pay the State of New York over $300,000 in penalties and halt sales of life-like toy guns August 3 after over 6,400 toy guns sold from 2012 – 2014 violated New York laws. – Associated Press
34. August 3, Associated Press – (New York) Retailers to pay New York $300,000 in toy gun settlement. Walmart, Sears, and Amazon agreed to pay the State of New York over $300,000 in penalties and halt sales of life-like toy guns August 3 after over 6,400 toy guns sold from 2012 – 2014 violated New York laws.
Financial Services Sector
6. July 31, U.S. Securities and Exchange Commission – (International) SEC charges man with microcap fraud involving shares of Cynk Technology Corp. The U.S. Securities and Exchange Commission charged a Canadian man July 31 with allegedly using straw shareholders, foreign dummy corporations, and fake corporate officers worldwide to conceal his control of shares of Cynk Technology Corp., which he intended to liquidate when the stock’s price increased.
Information Technology Sector
28. August 3, Help Net Security – (International) Fake “Windows 10 Free Upgrade” emails deliver ransomware. Security researchers from Cisco’s Talos Group discovered a ransomware campaign in which attackers purporting to be from Microsoft send victims emails with a fake Windows 10 installer attached that is actually a variant of the CTB-Locker crypto-malware. Source: http://www.net-security.org/malware_news.php?id=3082
29. August 3, Softpedia – (International) Chrome extensions can be disabled without user interaction. Security experts from Detectify Labs discovered that an attacker could disable a list of Google Chrome security extensions upon visiting a site using the “ping” attribute inside a regular link, effectively removing safeguards without the user’s knowledge. Google Chrome was notified of the vulnerability and released a patch addressing the issue. Source: http://news.softpedia.com/news/chrome-extensions-can-be-disabled-without-user-interaction-488340.shtml
30. August 3, IDG News Service – (International) DNS server attacks begin using BIND software flaw. Security researchers from Sucuri reported that attackers have begun exploiting a denial-of-service (DoS) flaw in all versions of BIND 9 open-source Domain Name System (DNS) software that was patched the week of July 27. The company confirmed that two clients in different sectors had experienced attacks. Source: http://www.computerworld.com/article/2955290/security/dns-server-attacks-begin-using-bind-software-flaw.html
31. August 3, Help Net Security – (International) The leading cause of insider threats? Employee negligence. The Ponemon Institute released findings from a survey on insider information technology (IT) threats in U.S. and German firms, revealing that in addition to malicious intent, employee negligence is a significant cause of security incidents that lead to decreases in IT productivity, which can cost a company as much as $1.5 million in losses per year. The report cited long hours and multitasking as common elements leading to negligence, among other findings. Source: http://www.net-security.org/secworld.php?id=18697
For additional stories, see item 5 below from the Critical Manufacturing Sector, item 19 above in Top Stories, and items 20 and 21 below from the Healthcare and Public Health Sector.
5. July 31, Securityweek – (International) Flaw in fingerprint access devices could make it easy to open doors. Security researchers at CERT Coordination Center (CERT/CC) discovered two flaws in several models of fingerprint access controllers developed by Taiwan-based Chiyu Technology in which an unauthenticated attacker with network access could view and modify the device’s configuration by accessing known paths.
20. August 3, Securityweek – (National) FDA issues alert over vulnerable Hospira drug pumps. Healthcare organizations were alerted by the U.S. Food and Drug Administration July 31 regarding cyber security risks associated with the use of Hospira Symbiq infusion systems following flaws discovered in 2014, which included security holes that can be remotely exploited by hackers in order to gain access to the devices and possibly change the dosage they deliver. The company has been working on developing a software update and the vendor is working to remove all of the infusion systems from the market until a permanent replacement is available.
21. August 1, Sioux City Journal – (South Dakota) Siouxland Pain Clinic says patient information likely exposed by hacker. The Siouxland Pain Clinic in Dakota Dunes reported July 31 that patients’ health and other personal information was likely exposed during an attack on the clinic’s server between March 26 and April 2, and that there was no evidence that the information was misused. The clinic continues to evaluate the attack after being notified of the breach June 26.
32. August 3, Brownsville Herald – (Texas) Jack FM burglar charged. An Alamo man was indicted July 31 on two counts of burglary charges after allegedly breaking into KJAV-FM, also known under the “Jack FM” brand, and stealing and damaging radio equipment. Estimated theft and damage costs total over tens of thousands of dollars and forced the station to go offline for an unknown amount of time. Source: http://www.brownsvilleherald.com/news/valley/article_1f7f4e1c-3986-11e5-908a-eb1c06182ed1.html
For another story, see item 38 below from the Commercial Facilities Sector.
38. August 3, Associated Press – (Illinois) One dead, thousands without power after storms. A Wood Dale, Illinois official reported August 3 that 1 person was killed and 20 others injured at the annual Prairie Fest after a tent collapsed due to a sudden storm that brought high winds, hail, and rain, August 2. About 17,900 people were without power August 3, down from a peak of 95,000.