Department of Homeland Security Daily Open Source Infrastructure Report

Friday, August 1, 2008

Complete DHS Daily Report for August 1, 2008

Daily Report

• The Associated Press reports that an 18-year-old has been accused of igniting a pipe bomb under a railroad overpass in Michigan and has been charged with five crimes, including gun violations and a threat of terrorism. The explosive did not cause damage on Sunday. (See item 17)

• According to All Headline News, when the earthquake hit near Los Angeles Tuesday, many residents turned to Twitter before the telephone. Wireless phone providers suggest text messages can often avoid delays caused by a crush of traffic from thousands of cell phone users attempting to make calls during emergencies. (See item 40)

Banking and Finance Sector

9. July 31, Midland Reporter-Telegram – (Texas) Phone scam targeting bank accounts targets West Texas. First National Bank’s president of the Midland market said that a scam using his bank’s name is circulating among customers in West Texas. A voice mail message is being left on customer’s machines telling them that their debit card with First National Bank has been deactivated. Customers are then instructed to call a phony toll-free number to re-activate their cards and to enter both their account and pin numbers when prompted. According to the official, the best thing for customers who receive the voice mail is for them to ignore the message and contact their bank as soon as possible. Source:

10. July 30, Associated Press – (Florida) Bank, contractor employees uncover fraud scheme. Federal authorities have charged a Lebanese native with fraud after he allegedly deceived Florida officials into diverting millions of dollars to an account he set up, instead of a road building company that was supposed to get the money. Employees of a bank and the contractor are being credited with uncovering the $5.7 million scheme, leading to the suspect’s arrest as he was attempting to fly to Beirut. Some of the money had been wired to Beirut before the FBI arrested the man at Miami International Airport last week as he was waiting to board a plane bound for Beirut. Most of the cash has been recovered, said a spokeswoman for the Florida Department of Financial Services. She said the FBI is trying to determine if any state employees were involved. Source:

11. July 30, KATV 7Little Rock – (Arkansas) Police warn of text messaging scam. Since Tuesday, at least a dozen Pine Bluff area bank customers have been targeted by a text messaging scam. The text says “We regret to inform you that we had to lock you bank account access.” The sender tells the customer to call a number to restore his or her bank account. Investigators say the text messages are coming from Europe, but the phone number customers are told to call is in Iowa. A Pine Bluff Police official said: “It’s a very sophisticated and targeted-type plan to just hit people in this area. So I’m sure if they just hit people from Pine Bluff, from Iowa and Europe, then they can hit any other place in United States or here in Arkansas.” Source:

12. July 30, KEZI 9 Eugene – (Oregon) Phone scam targets local Credit Union customers. Investigators say scammers are calling members of the Oregon Community Credit Union on their home and cell phones, telling them that there is an issue with their account. The scammers are using an automated service that asks customers to give personal information over the phone. Source:

13. July 30, Reuters – (National) Bush signs U.S. housing rescue plan into law. As home foreclosures rise and property values slump, the president on Wednesday signed into law a rescue package that includes emergency backstops for mortgage financing companies Fannie Mae and Freddie Mac. The new law boosts oversight of the companies, which own or guarantee almost half the country’s $12 trillion in home mortgage debt. It also expands a temporary line of U.S. Treasury credit and gives the government the option to buy shares in them if they ran into trouble. The new law also sets up a $300-billion fund under the Federal Housing Administration to help distressed homeowners get more affordable, government-backed mortgages and get out from under exotic mortgages they cannot afford. The bill also offers tax breaks to spur home-buying; sets up the first national licensing system for mortgage brokers and loan officers; and raises the limit on the size of mortgages that federal agencies can guarantee. Source:

Information Technology

36. July 31, IDG News Service – (National) IOC admits it accepted China Internet censorship. The International Olympic Committee (IOC) admitted Wednesday that it made a deal with Chinese officials to accept censorship of the Internet during the Beijing Olympic Games, which begin August 8. “IOC officials negotiated with the Chinese [so] that some sensitive sites would be blocked on the basis they were not considered Games-related,” said the chairman of the IOC’s press commission, according to press reports. “I regret that it now appears BOCOG (the Beijing Organizing Committee for the Games of the XXIX Olympiad) has announced that there will be limitations on Web site access during Games time,” he added. BOCOG’s top spokesperson said today that Web sites that are “banned” will remain so. Source:

37. July 30, National Terror Alert – (National) Storm Worm virus - warning from the FBI. The Federal Bureau of Investigation (FBI) and its partner, the Internet Crime Complaint Center (IC3), have received reports of recent spam e-mails spreading the Storm Worm malicious software, known as malware. These e-mails, which contain the phrase “F.B.I. vs. facebook,” direct e-mail recipients to click on a link to view an article about the FBI and Facebook, a popular social networking website. The Storm Worm virus has also been spread in the past in e-mails advertising a holiday e-card link. Clicking on the link downloads malware onto the Internet connected device, causing it to become infected with the virus and part of the Storm Worm botnet. Source:

38. July 30, New York Times (National) With security at risk, a push to patch the Web. While Internet service providers are racing to fix a problem that makes it possible for criminals to divert users to fake Web sites where personal and financial information can be stolen, the researcher who discovered the bug worries that they have not moved quickly enough. By his estimate, roughly 41 percent of the Internet is still vulnerable. Now he has been ramping up the pressure on companies and organizations to make the necessary software changes before criminal hackers take advantage of the flaw. Major Internet service providers in the United States this week indicated that in most cases, the software patch, which makes the flaw much more difficult to exploit, was already in place or soon would be. Comcast and Verizon, two of the largest providers, said they had fixed the problem for their customers. AT&T said it was in the process of doing so. But the problem is a global one, and the length of time required to fix it could leave many Web users vulnerable for weeks or months. And there are millions of places around the world where people might find themselves vulnerable to potential attacks, ranging from their workplaces to an airport lounge or an Internet cafe. Source:

39. July 30, Computerworld – (National) Hackers start DNS attacks, researcher says. Hackers are now actively exploiting a critical flaw in the Domain Name System (DNS), but they are not using any of the already known exploits, said a researcher who crafted the first attack code to go public. “We’re seeing an entirely new technique,” said the creator of the Metasploit penetration-testing framework, who with a hacker identified as “I)ruid” published exploits last week for the vulnerability in the Internet’s routing system. Late yesterday, he reported that he had found a compromised DNS server operated by AT&T Inc. when employees at his company, BreakingPoint Systems Inc., realized that they were being shunted to a bogus version of He said the exploit that successfully attacked the AT&T server was not the same as the Metasploit attack code that he and I)ruid wrote, nor were any of the other public exploits. The compromised AT&T server was taken offline yesterday. The attack seemed designed to generate ad revenue by steering users to the fake Google page, he said. Source:

Communications Sector

40. July 30, All Headline News – (California) Twitter provided early quake reports. When the 5.4 earthquake hit near Los Angeles Tuesday, many residents turned to Twitter before the telephone. Twitter is an online communication service that allows Internet users to send brief messages to a network of friends. Just minutes after the ground shook in Southern California users of the Internet service were alerting fellow users of the event. Earlier this year, Twitter was used to alert people of earthquakes that hit China. On a company blog, Twitter said its users were able to send news of the earthquake even before traditional news media, such as the Associated Press, had filed stories. In one instance Tuesday, a woman finishing a medical exam used her cell phone to tap out a message on Twitter about her experiences during the LA quake, CNET reported. Wireless phone providers suggest text messages can often avoid delays caused by a crush of traffic from thousands of cell phone users attempting to make calls during emergencies. Source: