Complete DHS Report for January 19, 2016
Daily Report
Top Stories
• The Office of Inspector General released a report January
14 following its audit of the Security Operations Center (SOC) that revealed
cyberattacks against U.S. power plants grew by 18 percent from 2013 – 2014. – Softpedia
3. January
15, Softpedia – (International) Nuclear Power Plants from all over the world
are vulnerable to cyberattacks. The Office of Inspector General released a
report following its audit of the Security Operations Center (SOC) that
revealed cyberattacks against U.S. power plants grew by 18 percent from 2013 –
2014 and that the SOC did not meet the necessary quality control criteria to
continue its operations without implementing corrective action plans. In
addition, the Nuclear Threat Initiative released a similar report revealing
that 20 international countries, using extensive nuclear energy systems were
vulnerable to cyberattacks due to their low cybersecurity protocols.
• JetBlue officials reported January 14 that a Verizon data
center outage affected its online check-in system, flight booking, and JetBlue
mobile application and delayed or cancelled flights leaving from three major
international airports. – CNBC
10. January
14, CNBC – (National) Verizon outage disrupts JetBlue service
nationwide. JetBlue officials reported January 14 that a Verizon data
center outage affected its online check-in system, flight booking, and JetBlue
mobile application and delayed or cancelled flights leaving from Los Angeles
International Airport, John F. Kennedy International Airport, and Logan
International Airport, among other airports. Verizon officials reported that
the data center power was restored. Source: http://www.cnbc.com/2016/01/14/jetblue-experiencing-intermittent-network-issues-due-to-data-center-power-outage.html
• Hyatt Hotel
officials reported January 15 that its payment processing system was
compromised and affected 250 international hotels after an investigation
revealed a malicious malware was installed onto its systems. – SecurityWeek (See
item 21)
21. January
15, SecurityWeek – (International) Card breach affects 250 Hyatt Hotels
worldwide. Hyatt Hotel officials reported that its payment processing
system used at Hyatt-managed locations including restaurants, golf shops, and
spa resorts, was compromised and affected about 250 hotels internationally
after an investigation revealed a malicious malware was installed onto its
systems that collected cardholder names, card numbers, expiration dates, and
internal verification codes. The hotel is offering one year of free fraud
protection to those affected via CSID. Source: http://www.securityweek.com/card-breach-affects-250-hyatt-hotels-worldwide
• Officials reported that up to 500 people were evacuated
from two Manhattan office buildings January 14 after an 8-inch gas main
ruptured and leaked chemicals into the air. – WNBC 4 New York City
22. January
14, WNBC 4 New York City (New York) Gas leak prompts evacuation of
Manhattan buildings. Officials reported that up to 500 people were
evacuated from two Manhattan office buildings January 14 after an 8-inch gas
main ruptured and leaked chemicals into the air. Authorities shut off the gas
and are working to repair the leak. Source: http://www.nbcnewyork.com/news/local/Gas-Leak-Con-Edison-Evacuation-Manhattan--365335631.html
Financial Services Sector
4. January
14, U.S. Securities and Exchange Commission – (National) SEC Charges
Goldman Sachs with improper securities lending practices. Goldman, Sachs
& Co. agreed to pay the U.S. Securities and Exchange Commission (SEC) $15
million in penalties January 14 to settle charges that the company inaccurately
recorded the firm’s locates log and violated Federal regulations in its
securities lending practices by improperly providing locates to customers
without performing an appropriate review of the securities to be located,
leading customers to engage in illegal short selling sales, among other
charges. Source: http://www.sec.gov/news/pressrelease/2016-9.html
5. January
14, U.S. Securities and Exchange Commission – (Ohio) SEC charges
State Street for pay-to-play scheme. The U.S. Securities and Exchange Commission
announced January 14 that State Street Bank and Trust Company agreed to a $12
million settlement over allegations that the company conducted a pay-to-play
scheme in which the company’s former senior vice president agreed to make
illicit cash payments and political campaign contributions to Ohio’s deputy
treasurer in order to win sub-custodian contracts to service Ohio pension
funds. Source: http://www.sec.gov/news/pressrelease/2016-8.html
6. January
14, U.S. Attorney’s Office, Eastern District of Virginia –
(Virginia) Federal jury convicts ringleader of bank fraud and identity theft
scheme. A man from Virginia was convicted January 13 by a Federal jury for
1 count of conspiracy to commit bank fraud, 19 counts of bank fraud, and 4
counts of aggravated identity theft after an investigation revealed he was the
organizer of a nationwide bank fraud and identity theft scheme that targeted
banks and individuals, and opened numerous checking, credit, and personal line
accounts using the stolen identities of his victims. Source: http://www.justice.gov/usao-edva/pr/federal-jury-convicts-ringleader-bank-fraud-and-identity-theft-scheme
7. January
13, Reuters – (Philadelphia) U.S. jury finds ex-Capital One analyst liable
in insider trading case. A Federal jury convicted a former Capital One
Financial Corp analyst January 13 on civil charges that he engaged in insider
trading by using non-public sales data, gathered by the credit card company, to
buy and sell stocks in advance while disguising the non-public sales data as
material data. The traded information gave the man a significant advantage and
earned him $1.5 million in trade sales. Source: http://www.reuters.com/article/us-sec-capitalone-insidertrading-idUSKCN0UR2KR20160113
8. January
13, San Diego Union-Tribune – (California) ‘Hipster Bandit’
robs forth bank. Authorities are searching January 13 for a man dubbed the
“Hipster Bandit” after he allegedly robbed four banks in San Diego including
his most recent robbery at a Wells Fargo Bank branch January 9 in which the
suspect slipped a note to the teller and demanded specific denominations before
leaving with the stolen funds. Source: http://www.sandiegouniontribune.com/news/2016/jan/13/hipster-bandit-robs-fourth-bank/
Information Technology Sector
17. January
15, Help Net Security – (International) Flaw allows malicious
OpenSSH servers to steal users’ private SSH keys. Researchers from Qualys
reported that two vulnerabilities including an Information Disclosure flaw were
found in the OpenSSH implementation of the secure shell (SSH) protocol that can
allow an attacker to pose as an owner of the SSH keys and extract users’
private cryptographic keys through the default client code that can be tricked
into leaking client memory to the server. Source: http://www.net-security.org/secworld.php?id=19334
18. January
15, SecurityWeek – (International) Alleged author of MegalodonHTTP malware
arrested. Norwegian officials arrested an individual suspected of authoring
the MegalodonHTTP malware that powers distributed denial-of-service (DDoS)
botnets internationally after police arrested five men on suspicion of
possessing, using, and selling malware. Authorities reported that the malware’s
moniker is no longer active or doing business once the man was arrested.
19. January
15, SecurityWeek – (International) McAfee Application Control Flaws expose
critical infrastructure: Researchers. A researcher from SEC Consult
discovered a series of low level vulnerabilities in McAfee’s Application
Control product that can be exploited to bypass application whitelisting
protection and gain arbitrary code execution through various techniques, which
can be leveraged to cause denial-of-service (DoS) conditions to overwrite
whitelisted applications once code execution is achieved. Source: http://www.securityweek.com/mcafee-application-control-flaws-expose-critical-infrastructure-researchers
20. January
14, InfoWorld – (International) Google’s Go upgrade fixes bug that could leak
RSA private key. Google released an update to its programming language, Go
1.5.3, patching a security issue that can affect RSA computations in cryto/rsa
used by crypto/tls and potentially leak their RSA private key on TLS servers
with 32-bit systems. Source: http://www.computerworld.com/article/3023034/application-development/googles-go-upgrade-fixes-bug-that-could-leak-rsa-private-key.html#tk.rss_security
For another story, see item 21 above in Top Stories
Communications Sector
Nothing to report