Complete DHS Report for December 22, 2016
• The U.S. President declared December 20 that hundreds of millions of acres of Federally-owned land in the Arctic Ocean and canyons in the Atlantic Ocean were withdrawn from offshore oil and gas drilling. – Washington Post
1. December 20, Washington Post – (International) President bans oil drilling in large areas of Atlantic and Arctic oceans. The U.S. President declared December 20, in coordination with the Canadian Prime Minister, that hundreds of millions of acres of Federally-owned land in the Arctic Ocean and canyons in the Atlantic Ocean were withdrawn from offshore oil and gas drilling in an effort to protect the regions from future offshore oil and gas activity risks. The declaration will protect areas of Atlantic Ocean canyons that stretch from Massachusetts to Virginia, and large portions of the Chukchi and Beaufort seas north of Alaska. Source: https://www.washingtonpost.com/news/energy-environment/wp/2016/12/20/president-obama-expected-to-ban-oil-drilling-in-large-areas-of-atlantic-and-arctic-oceans/?utm_term=.5732ebff424b
• Volkswagen Group announced December 20 that it will pay $225 million in environmental remediation after it was found that the company fitted several makes of its vehicles with software used to cheat U.S. emissions standards. – USA Today
2. December 20, USA Today – (National) Volkswagen will buy back 20K more polluting diesel cars. The U.S. Environmental Protection Agency, U.S. Department of Justice, and California State regulators announced December 20 that the Volkswagen Group agreed to pay $225 million in environmental remediation, fix around 63,000 of its vehicles, and buy back another 20,000 vehicles equipped with 3-liter, 6-cylinder diesel engines in the U.S. after it was found that the company fitted several makes of its vehicles with software used to cheat U.S. emissions standards. Source: http://www.usatoday.com/story/money/cars/2016/12/20/volkswagen-3-liter-diesel-settlement/95661794/
• The former owner and president of Staten Island, New York-based Premier Links, Inc. were arrested December 20 for allegedly stealing $9.3 million from more than 300 investors in roughly 40 States through their unregistered broker-dealer business. – U.S. Attorney’s Office, Eastern District of New York See item 3 below in the Financial Services Sector
• The former owner and operator of a Rockingham, North Carolina-based tax preparation business pleaded guilty December 19 after he caused the U.S. Internal Revenue Service (IRS) over $10 million in losses. – U.S. Department of Justice See item 4 below in the Financial Services Sector
Financial Services Sector
3. December 20, U.S. Attorney’s Office, Eastern District of New York – (National) Former owner and president of unregistered broker-dealer indicted in a $9 million securities fraud scheme. The former owner and president of Staten Island, New York-based Premier Links, Inc. were arrested December 20 for allegedly stealing $9.3 million from more than 300 investors in roughly 40 States from approximately 2005 – 2012 through their unregistered broker-dealer business by persuading investors to purchase shares of worthless businesses with the promise of large returns. The charges allege that the executives operated Premier Links as a “boiler room,” using cold callers and other means to compel victims to invest their money in securities, and converted investors’ money upon receipt into cash through more than 900 ATM and teller withdrawals, among other fraudulent actions. Source: https://www.justice.gov/usao-edny/pr/former-owner-and-president-unregistered-broker-dealer-indicted-9-million-securities
4. December 19, U.S. Department of Justice – (North Carolina) North Carolina owner of tax preparation business pleads guilty to conspiracy to defraud the IRS. The former owner and operator of a Rockingham, North Carolina-based tax preparation business, Herb’s Helping Hands, pleaded guilty December 19 after he caused the U.S. Internal Revenue Service (IRS) over $10 million in losses by preparing and filing fraudulent electronic Federal income tax returns that claimed fictitious refunds for clients, and reporting fake or inflated income and dependency exemptions to produce false or inflated Earned Income Tax Credits, fake business income and deficits, and fraudulent deductions, among other fraudulent actions. The owner and his co-conspirators bought or stole the personal identifying information of minors and other individuals, falsely listing them as dependents on returns to generate larger fraudulent client refunds, and directed some of the clients’ refunds into his own bank account or an account he controlled. Source: https://www.justice.gov/opa/pr/north-carolina-owner-tax-preparation-business-pleads-guilty-conspiracy-defraud-irs
Information Technology Sector
20. December 21, SecurityWeek – (International) VMware patches VDP, ESXi vulnerabilities. VMware released patches addressing a flaw in vSphere Data Protection (VDP) which could be exploited to log into the affected appliance with root privileges, as well as a cross-site scripting (XSS) vulnerability in the ESXi hypervisor where an attacker with permission to manage virtual machines (VM) via the ESXi Host Client can import a maliciously crafted VM to trigger the flaw, or can trick a vSphere administrator into importing the specially crafted VM.
For another story, see item 21 below in the Communications Sector
21. December 20, SecurityWeek– (International) Cybercriminals make millions with ad fraud bot farm. White Ops researchers reported that cybercriminals can earn up to $5 million per day through a massive ad fraud operation, dubbed Methbot, which is powered by a bot farm that uses up to 1,200 servers housed by data centers in Dallas and other cities, and more than 570,000 Internet Protocol version 4 (IPv4) addresses to make it appear as though they belong to residential Internet service providers (ISPs) in the U.S. The bot farm generates a fake Webpage with only the elements needed to support an ad, and then requests an ad from a network using a spoofed Uniform Resource Locator (URL) matching that of a premium publisher, which is subsequently loaded in the simulated browser while Methbot’s various human-mimicking mechanisms are enabled to convince anti-fraud systems the activity is generated by real users.