Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, November 26, 2008

Complete DHS Daily Report for November 26, 2008

Daily Report


 According to Continuity Central, a new University of Minnesota report is the first to conceptualize what happens when a pandemic disrupts the fuel supply chain for electricity. (See item 1)

1. November 25, Continuity Central – (National) U.S. electrical supply is highly vulnerable during pandemic conditions. Reliable mining and delivery of coal, which generates nearly half the United States’ electricity, must be safeguarded to keep water and sewerage systems running, lights on, and vaccine and critical drugs available during a pandemic, according to a new University of Minnesota report, “Pandemic Influenza, Electricity, and the Coal Supply: Addressing Crucial Preparedness Gaps in the United States.” The report is the first to conceptualize what happens when a pandemic disrupts the fuel supply chain for electricity. The authors outline a four-point plan to reduce the risk of losing electricity, particularly in large portions of the Midwest and Eastern states during a pandemic. The authors challenge policymakers and industry leaders to take the following steps: build and maintain coal stocks at power plants year-round at the same level the industry maintains for summer months; place coal miners and supporting infrastructure personnel in the highest priority levels for pandemic response; plan for disruptions in the coal supply chain; and anticipate and develop strategies for responding to disruptions in electrical service. Source:

 The Seattle Post-Intelligencer reports that about 20 operators who dispatch Seattle police to emergency calls had to be evacuated Monday afternoon after a potentially hazardous material was found in the dispatch center. (See item 23)

23. November 24, Seattle Post-Intelligencer – (Washington) Possible hazardous liquid in 911 dispatch center. About 20 operators who dispatch Seattle police to emergency calls had to be evacuated Monday afternoon after a potentially hazardous material was found in the dispatch center. A few dispatchers remained to handle calls. About a half-hour later, all dispatchers began returning after emergency crews found nothing amiss with the air in the center. A spokeswoman for the Seattle Fire Department said the unknown liquid was discovered on the first floor of the call center. Medics treated three people on the scene for minor symptoms, including watery eyes, she said. A private ambulance took one person, who has asthma, to a hospital. A second group of firefighters checked the center, but found nothing hazardous. Source:


Banking and Finance Sector

8. November 25, Kerrville Daily Times – (Connecticut) Text scam tries to fool bank customers. The Bank of the Hills Regional CEO is warning customers not to give information to unknown sources after area cell phones owners were inundated with text messages that stated that Bank of the Hills debit cards had been deactivated. The message also provided a reactivation phone number. According to the CEO, the text messages were sent out beginning Friday to Verizon and Sprint customers and blanketed the area. The Kerrville Police Department received two reports of the scam as of Monday afternoon. Callers to the number were offered two options — to activate the card or to change the PIN number. After choosing an option, callers are prompted to give personal information, such as their debit card and personal identification numbers A KPD spokesman said one of the victims’ bank accounts was emptied the day after responding to the text. Source:

9. November 24, Business First of Columbus – (California) U.S. Bancorp takes over 2 California banks. U.S. Bancorp took over Downey Savings and Loan Association F.A. and PFF Bank & Trust late Friday, ending several weeks of speculation about the financially strapped, southern California institutions. The Federal Deposit Insurance Corp. handled the deal, ensuring that the combined 213 California branches of both banks will reopen as U.S. Bank. Customer deposits will automatically transfer to U.S. Bank, owned by Minneapolis-based U.S. Bancorp, while all accounts are insured by the FDIC. Source:

Information Technology

25. November 25, InformationWeek – (International) Windows Vista, Multimedia Codec vulnerabilities found. Security researchers at Phion AG, an Austrian firewall company, report that Windows Vista has a TCP/IP vulnerability that could allow a local attacker to take control of an affected system. The vulnerability has been tested on Microsoft Windows Vista Enterprise (32-bit and 64-bit) and Microsoft Windows Vista Ultimate (32-bit and 64-bit). The researches consider it likely that other versions of Vista are affected. Windows XP, however, is not affected. Certain administrative rights are required for the vulnerability to be exploited. This makes it a risk primarily in malicious insider scenarios. The advisory states that Phion notified Microsoft on October 22. It is not immediately clear when Microsoft will address the issue. In any event, Phion’s advisory includes details about a temporary fix. Meanwhile, Vietnamese security research group Bach Khoa Internetwork Security (BKIS) has identified a buffer overflow vulnerability in the open source ffdshow multimedia codec that can be used to compromise computers using any Internet browser in which the Windows Media Player plug-in has been installed. The flaw has to do with the way the ffdshow software handles media streams. Upon parsing an extremely long link, ffdshow runs out of memory and returns a buffer-overflow error. This could be exploited by an attacker to execute remote code on the victim’s computer. Source:

Communications Sector

Nothing to report

No comments: