Complete DHS Report for March 21, 2016
Daily Report
Top Stories
• Researchers reported that a business email compromise campaign
(BEC) dubbed Olympic Vision was targeting international organizations in the
Manufacturing and Real Estate sector to obtain information and manipulate
employees. – SecurityWeek
4. March 17,
SecurityWeek – (International) Nigerian cybercriminals target firms
worldwide in BEC campaign. Researchers at Trend Micro reported a business
email compromise campaign (BEC) dubbed Olympic Vision, allegedly run by two
Nigerian cybercriminals, was targeting international organizations in the
Manufacturing and Real Estate sector to obtain information and manipulate
employees into transferring large monetary funds to bank accounts controlled by
the hackers. Attackers sent urgent-sounding emails to compel victims into
installing a piece of malware which allowed attackers to steal saved
credentials from browsers, Windows product keys, keystrokes, and network
information, among other data. Source: http://www.securityweek.com/nigerian-cybercriminals-target-firms-worldwide-bec-campaign
• San Francisco officials reported that part of the Bay Area Rapid
Transit (BART) system will be shut down indefinitely beginning March 17 while
officials investigate the cause of recent train failures. – San Francisco
Chronicle
8. March 18,
San Francisco Chronicle – (California) BART chaos expected to go on
indefinitely. San Francisco officials reported that the Bay Area Rapid
Transit (BART) system between Pittsburg-Bay Point station and North Concord
station will be shut down indefinitely beginning March 17 while officials
investigate the cause of recent train failures following a March 16 power spike
that caused 50 train cars to fail. The shutdown will replace 2,000 feet of worn
tracks, 950 wooden ties, and several other track components. Source: http://www.sfgate.com/bayarea/article/BART-commuter-chaos-continues-as-East-Bay-6895501.php
• Approximately 21,000 gallons of raw sewage spilled into Waimano
Stream in Pearl City, Hawaii, March 17 after a 10-inch pipe at the Pacific
Palisades Wastewater Pump Station ruptured. – Honolulu Civil Beat
12. March 17,
Honolulu Civil Beat – (Hawaii) Raw sewage leak near Pearl Harbor. Approximately
21,000 gallons of raw sewage spilled into Waimano Stream in Pearl City March 17
after a 10-inch pipe at the Pacific Palisades Wastewater Pump Station ruptured.
The city notified the Hawaii Department of Health and workers posted warning
signs to encourage people to stay out of the affected waters. Source: http://www.civilbeat.com/2016/03/sewage-leak-near-pearl-harbor/
• Minnesota-based North
Memorial Health Care settled charges March 14 alleging that the medical center
violated Federal health privacy law after a 2011 theft of a laptop computer
which reportedly contained the health information of about 16,800 patients. – Minneapolis
Star Tribune
13. March 17,
Minneapolis Star Tribune – (Minnesota) North Memorial Health Care
paying $1.5 million in Federal privacy settlement. The U.S. Department of
Health and Human Services reached a settlement the week of March 14 with
Minnesota-based North Memorial Health Care to resolve charges that the medical
center violated Federal health privacy law in connection to a 2011 theft of a
laptop computer from the vehicle of an employee of a third-party vendor,
Accretive Health, which reportedly contained the health information of
approximately 16,800 patients. The medical center will pay $1.55 million and
develop an organization-wide risk analysis and risk management plan, among
other requirements. Source:
http://www.startribune.com/north-memorial-paying-1-5-million-in-federal-privacy-settement/372490911/
Financial Services Sector
5. March 17,
U.S. Department of Justice – (International) Nevada man convicted of
perpetrating nationwide multi-million dollar fraud scheme. Officials from
the U.S. Department of Justice’s Tax Division announced March 17 that a Nevada
man was found guilty of orchestrating a $2 million Nigerian oil investment
fraud scheme from 2004 – 2012 after he and a co-conspirator mislead investors
by falsely claiming that the invested money would be used to purchase an oil
refinery in the Bahamas and used for the production, refinement, and shipment
of crude oil from Nigeria to the Bahamas. The money was instead used for
personal expenses or transferred to unknown bank accounts in China, and
officials stated the man also falsely claimed individual unemployability
compensation benefits from the U.S. Department of Veterans Affairs. Source: https://www.justice.gov/opa/pr/nevada-man-convicted-perpetrating-nationwide-multi-million-dollar-fraud-scheme
6. March 17,
Dallas Morning News – (Texas) Dallas FBI searching for ‘Bad Hair Bandit’ in string
of Preston Road bank robberies. The Dallas FBI is searching March 17 for a
man dubbed the “Bad Hair Bandit” suspected of committing five robberies or
attempted robberies at the BB&T Bank, Comerica Bank, Bank of Texas, and two
separate BBVA Compass Banks in Dallas since January. Source: http://crimeblog.dallasnews.com/2016/03/dallas-fbi-searching-for-suspected-serial-bank-robber-dubbed-bad-hair-bandit.html/
Information Technology Sector
18. March 17,
IDG News Service – (International) Stagefright exploit puts millions of Android
devices at risk. NorthBit released a report addressing a vulnerability
dubbed Metaphor, which affects Android versions 2.2. – 4.0, as well as 5.0 and
5.1, after security researchers discovered a new way to exploit a previously
patched remote code execution vulnerability found in Stagefright, Android’s
mediaserver and multimedia library. Researchers reported attackers tricked victims
into clicking a malicious link sent via email that would execute the exploit. Source:
http://www.computerworld.com/article/3045793/security/stagefright-exploit-puts-millions-of-android-devices-at-risk.html#tk.rss_security
19. March 17,
Softpedia – (International) iCloud account hijacking scam is as bad as
ransomware. Security researchers discovered that attackers could hack a
victim’s Apple iCloud account and use the device’s security features to create
malicious actions against the victim by using the Find my Mac feature and Find
my iPhone feature. The two features enabled attackers to lock the device and
display a ransomware message on a target’s device. Source: http://news.softpedia.com/news/icloud-account-hijacking-scam-is-as-bad-as-ransomware-501868.shtml
For additional stories, see
item 3 below from the Critical Manufacturing Sector
and item 4 above in Top Stories
3. March 17,
IDG News Service – (National) Vehicles are ‘increasingly vulnerable’ to hacking,
FBI warns. Officials from the FBI and the National Highway Traffic Safety
Administration warned the public March 17 against the increasing risk of
cyber-attacks on vehicle computers via the linkages between different-on-board
systems which provides portals that adversaries can exploit to remotely attack
the vehicle controls and systems, and via third-party devices plugged into a
vehicle’s diagnostic port that can introduce vulnerabilities. The FBI advised consumers
to be cautious when connecting third-party devices and be aware of software
updates for their vehicles.
Communications Sector
See item 17 below
from the Emergency Communications Sector
17. March 18,
KDAL 610 AM Duluth – (Minnesota) Carlton County phone service restored. Phone
and 9-1-1 services were restored March 18 in the Moose Lake, Barnum, Blackhoof,
and Mahtowa areas in Carlton County after a March 17 outage. Source: http://kdal610.com/news/articles/2016/mar/18/carlton-county-phone-outage/