Department of Homeland Security Daily Open Source Infrastructure Report

Monday, August 25, 2008

Complete DHS Daily Report for August 25, 2008



• According to the Associated Press, military leaders have suspended some activities at biological research laboratories to review safety rules for deadly germs and toxins, including how they are shipped through FedEx and other civilian carriers. (See item 19)

19. August 21, Associated Press – (National) Military halts shipment of deadly toxins. Military leaders have suspended some activities at biological research laboratories to review safety rules for some of the world’s deadliest germs and toxins, including how they are shipped through FedEx and other civilian carriers. Defense officials said the action is part of a larger review ordered when a researcher at an Army lab committed suicide last month after being told he would be charged in the 2001 anthrax attacks that killed five people. Navy and Air Force officials told The Associated Press on Thursday that they are temporarily halting shipments of dangerous biological agents to and from their medical and research labs. Companies previously had to have personnel certified by the government for handling hazardous materials and now also will have to provide two drivers for the deliveries — both with classified security clearances, said an Army spokesman. The service also is working on tightening safety procedures for commercial air shipments of biological materials. A FedEx spokeswoman said she was unaware of any changes in procedures. Shipping of dangerous materials is common, is carried out by a number of companies, and is done by universities, research centers, and others in the civilian and military world. Accidents happen and there have been cases in which shipments have gone missing, been damaged, or lost. In one case reported to the government, plague bacteria that was supposed to be delivered to the Armed Forces Institute of Pathology in 2003 somehow ended up in Belgium and was incinerated safely. Source:

• Bloomberg reports that Denver, Colorado, and St. Paul, Minnesota, will become virtual fortresses during the Democratic and Republican nominating conventions, protected by airplanes, helicopters, barriers, fences, and thousands of police officers, National Guard troops, and Secret Service agents. (See item 36)

36. August 22, Bloomberg – (Colorado; Minnesota) Security makes U.S. conventions virtual fortresses. Two U.S. cities will become virtual fortresses during the Democratic and Republican nominating conventions, protected by airplanes, helicopters, barriers, fences, and thousands of police officers, National Guard troops, and Secret Service agents. In Denver, Colorado, where Democrats assemble next week, police are spending $18 million on equipment alone and will be bolstered by National Guard troops and hundreds of officers from surrounding suburbs. In St. Paul, Minnesota, site of the September 1-4 Republican nominating convention, police are calling on 80 law-enforcement agencies to provide 3,000 officers to supplement the city’s 500-person force. The federal money is being spent for security measures such as fencing and high-tech camera-surveillance systems. More than 1,000 National Guard troops will help with communication and supplies in Denver, said a spokesman for the Colorado National Guard. More than 1,000 Minnesota National Guard troops will help provide security at sites outside the Xcel Center that are being used by convention participants, said a Guard spokesman. The North American Aerospace Defense Command, based at Peterson Air Force Base in Colorado Springs, will also participate. The Federal Bureau of Investigation plans to use a new version of a computer network that lets all its branch offices build leads on cases. The Coast Guard will monitor the Mississippi River near the Xcel Energy Center. Source:


Banking and Finance Sector

9. August 22, Douglas Dispatch – (Arizona) Police respond to bomb threat at Bank of America. A bomb threat at the Bank of America halted business for about half an hour in downtown Douglas, Arizona, Tuesday afternoon. A Douglas Police spokesman said a man called the bank and told the desk clerk, “There’s several bombs in the building.” Douglas police evacuated the bank as well as some of the surrounding buildings. The police conducted a preliminary search of the inside of the bank for any suspicious items. None were found, the official said. The Douglas police are continuing the investigation. Source:

10. August 22, CCH Wall Street – (National) SEC busts international stock scam. The Securities and Exchange Commission (SEC) has obtained an asset freeze against the CEO of GHL Technologies and a Barcelona, Spain, stock promoter for their roles in orchestrating a $13-million pump-and-dump scheme. Beginning in 2005, the two suspects illegally sold millions of shares of GHL Technologies, a Bremerton, WA, company. GHL claimed it was in the business of installing GPS technology into emergency and commercial vehicles. The SEC has frozen several bank accounts and businesses with which the Spanish fraudster was associated.


11. August 22, Record Journal – (Connecticut; Kentucky) BBB warns against credit union scam. The Connecticut Better Business Bureau (CT BBB) has learned of a scam targeting customers of the Commonwealth Credit Union. CT BBB reports the scam has made its way from Kentucky to Connecticut. Commonwealth CU has been the target of an extensive “voice-phishing” scam. A recorded message tells clients their credit cards have been suspended and asks them to call a toll-free telephone number; once they do, they are asked for their credit card numbers to “reactivate” their accounts. Both members and non-members of Commonwealth CU have received these calls on their cell, work, and home phones. The Kentucky Attorney General cautions against responding to the message. Commonwealth Credit Union confirms it never makes calls asking for personal information. On its website, Commonwealth acknowledges the voice phishing scam, and says thousands of people in Kentucky alone have been targets of these attacks. Among the toll-free numbers victims are asked to call is one based in Columbia, Connecticut. Source:

Information Technology

32. August 21, InformationWeek – (International) DNS flaw used to poison Chinese ISP’s server. The DNS cache on the default DNS server used by China Netcom, one of the country’s largest Internet service providers (ISPs), has been poisoned, said computer security company Websense on Tuesday. China Netcom customers who mistype a Web address and enter an invalid domain name get directed to a Web page with malicious code, the company said. The malicious destination page includes an iframe that points to a server in China that attempts to exploit Adobe’s Flash player, MS06-014 (Microsoft Data Access Components), MS08-041 (Microsoft Snapshot Viewer), and RealPlayer, if present on the victim’s computer. According to the manager of Websense security labs, the DNS poisoning was carried out by exploiting the weakness in DNS software discussed at the recent Black Hat security conference in Las Vegas. The issue is that many popular DNS software packages fail to randomize transmission ports sufficiently, which could allow a knowledgeable attacker to alter, or poison, DNS cache information. The result is that Internet users relying on compromised DNS servers could see their e-mail traffic hijacked or could be sent to a malicious Web site. Source:

Communications Sector

33. August 22, Eureka Times-Standard – (California) Second fiber optic cable on the way. After years of discussion and unreliable Internet service – including four outages in a one-year span – Eureka county may soon have a backup to its sole fiber optic lifeline to the outside world. At the fourth annual Redwood Coast Rural Action Broadband Forum, held Thursday at Fortuna’s River Lodge, the former Redwood Region Economic Development Commission executive director announced that a project is under way to install a secondary fiber optic line. The project was initiated by Lost Coast Communications and is being financed by private Bay Area telecommunications company IP Networks Inc. Target customers for the secondary line service will be large institutions and Internet service providers, including local cable and Internet provider Suddenlink Communications, which has already gotten onboard with the project. Source:

34. August 21, IDG News Service – (National) Nokia admits security flaws in Series 40 OS. Nokia Corp. confirmed Thursday that its widely used Series 40 operating system has security vulnerabilities that could allow stealth installation and activation of applications. Nokia said some of its Series 40 products are vulnerable to an attack that could result in the secret installation of applications. The company said it has also found that earlier versions of J2ME could allow privilege escalation or access to phone functions that should be restricted. Nokia said it isn’t aware of attacks against Series 40 devices, and the problems do not represent a “significant risk.” Source:

35. August 20, Ars Technica – (National) FCC Order scolds Comcast for changing story on P2P blocking. Comcast has 30 days to disclose the details of its “unreasonable network management practices” to the Federal Communications Commission (FCC), the agency warned Wednesday morning as it released its full 67-page Order. As the FCC chair said it would, the Commission’s Order rejects the ISP giant’s insistence that its handling of peer-to-peer applications was necessary. “We conclude that the company’s discriminatory and arbitrary practice unduly squelches the dynamic benefits of an open and accessible Internet,” the agency declares. In addition, the company’s “failure” to publicly reveal its true practices has “compounded the harm,” the Commission says. Beyond the 30-day deadline, Comcast must send the FCC a plan explaining how it will mend its ways by the end of the year, and do so by then. It must also disclose what the company’s new network management system will look like. Source: