Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, August 28, 2008

Complete DHS Daily Report for August 28, 2008

Daily Report

Headlines

 The Rutland Herald reports that about a dozen workers in the reactor building at the Vermont Yankee nuclear plant in Vermont were evacuated Tuesday because of a doubling of radiation levels in a portion of the plant. Entergy officials said the higher radiation levels were the result of human error in changing a filter in the reactor’s cooling system. (See item 10)

10. August 27, Rutland Herald – (Vermont) Yankee workers evacuated. About a dozen workers in the reactor building at the Vermont Yankee nuclear plant were evacuated Tuesday around noon because of a doubling of radiation levels in a portion of the plant, Entergy officials said late Tuesday. The higher radiation levels were the result of human error, they said, in changing a filter in the reactor’s cooling system. There were no radioactive releases to the environment and the problem did not affect the operation of the plant nor its power production, according to a spokesman for Entergy Nuclear. He said the worker failed to clean all the water off a demineralization filter, and the extra water in the reactor’s cooling system created additional nitrogen, which became radioactive. He said the nitrogen gas decayed to “negligible levels” within seconds. The workers were kept out of the reactor building for about two hours. He said the problem was under investigation. He said Entergy Nuclear notified the U.S. Nuclear Regulatory Commission and the Vermont Department of Emergency Management as a courtesy. He said that control room operators noticed the doubling of radiation levels in the main steam line in the reactor building. Entergy Nuclear notified the public about the problem shortly before 5 p.m. Source: http://www.rutlandherald.com/apps/pbcs.dll/article?AID=/20080827/NEWS02/808270353/1003/NEWS02


 According to the Associated Press, an electronic communication failure at a Federal Aviation Administration facility in Hampton, Georgia, caused mass flight delays around the country. (See item 18)

18. August 27, Associated Press – (National) FAA says communication breakdown delayed flights. Mass flight delays caused by an electronic communication failure at a Federal Aviation Administration facility drew new criticism. The Northeast was hardest hit by the delays prompted Tuesday by a glitch at a Hampton, Georgia, facility that processes flight plans for the eastern half of the U.S. By early evening, the FAA said that the situation around the country was returning to normal, with delays remaining in Atlanta and Chicago. At one point, an FAA Web site that tracks airport status showed delays at some three dozen major airports across the country. An FAA spokeswoman said there were no safety issues and officials were still able to speak to pilots on planes on the ground and in the air. She said she did not know exactly how many flights were affected, but she said it was in the hundreds. The FAA did not expect to have total figures until Wednesday. She said that in a 24-hour period the FAA processes more than 300,000 flight plans in the U.S. The official said the problem that occurred Tuesday afternoon involved a failure in a communication link that transmits flight plan data from the Georgia facility to a similar facility in Salt Lake City. As a result, the Salt Lake City facility had to process those flight plans, causing delays in planes taking off. She said the delays were primarily affecting departing flights. The official added that there was an unrelated hardware problem at the Hampton facility on Aug. 21 that resulted in issues processing flight plans. The FAA says on its Web site that a glitch that day involving the Hampton facility delayed the departure of at least 134 flights. Source: http://ap.google.com/article/ALeqM5jRgDahJp29m0syjpH485FiJuXktwD92QGASO0


Details

Banking and Finance Sector


14. August 27, National Mortgage News – (Minnesota) Final defendant in First Rate Mortgage scheme sentenced. The last defendant involved in a fraudulent mortgage brokering business known as First Rate Mortgage Group that resulted in a loss to area banks of more than $2.3 million was sentenced in Federal Court, according to the U.S. attorney’s office for the District of Minnesota. All six defendants pleaded guilty last fall to one count of conspiracy to commit mail fraud and bank fraud. They admitted that between 2000 and August 2004 they conspired to use the U.S. Mail to execute a scheme to defraud financial institutions and private mortgage lenders of funds. Specifically, through their business, First Rate Mortgage Group, they represented that, for a fee, they could help people obtain financing for the purchase of real estate. In furtherance of their scheme, they mailed false and fraudulent loan applications to banks and mortgage lending companies, which concealed that First Rate Mortgage had loaned the money for the downpayment to the borrower. The applications also inflated the borrower’s income and assets, falsely described the borrower’s employment, contained forged signatures and attached false documents, including pay stubs, gift letters, bank statements and bank notes. In January 2004, the six defendants caused false loan applications to be submitted to Washington Mutual Bank in the amount of $1.33 million and Associated Bank in the amount of $378,555 on behalf of a borrower purchasing property in Wayzata, Minnesota. The applications falsely stated the source of the downpayment, which had been loaned by the conspirators, and included other falsified information. This case is the result of an investigation by the FBI and the U.S. Postal Inspection Service. Source: http://www.nationalmortgagenews.com/fraud/stories/?storyid=20080820a.htm


15. August 26, Associated Press – (International) Banking customers’ personal details sold on eBay. A computer containing banking security details of more than one million people has been sold on eBay, bank officials said Tuesday - the latest in a series of losses of personal data in the U.K. The Royal Bank of Scotland acknowledged that a machine belonging to archiving company Graphic Data and sold “inappropriately to a third party” had information on credit card applications from some RBS customers and data from other banks. The computer contained account numbers, passwords, mobile telephone numbers and signatures. Source: http://www.forbes.com/feeds/ap/2008/08/26/ap5360026.html


16. August 26, All Headlines News – (National) Data breach incidents at an all-time high in the U.S. From January until August this year, 449 American businesses, government agencies and schools reported consumer data loss, according to the Identity Theft Resource Center. In contrast, 446 data breaches were recorded by the center for 2007 covering 127 million consumer records. The bulk of the record breach incidents were traced to retail chain TJX, which runs T.J. Maxx outlets. The District of Columbia and 44 states have legislation requiring companies that were victims of data loss to inform their affected clients. But only Maryland, New Hampshire and Wisconsin regularly publish data breach cases in their states online, Foley said. The center said 13 percent of the data breach is done by hacking, 15.6 percent to information theft done by company employees, 21 percent to lost laptops and other digital gadgets, 14 percent accidental publishing of sensitive consumer information and 11 percent breaches done by subcontractors. Source: http://www.allheadlinenews.com/articles/7012070780


17. August 26, Associated Press – (California; National) Citi pays $18M for questioned credit card practice. Citigroup Inc. will pay nearly $18 million in refunds and settlement charges for taking $14 million from customers’ credit card accounts, California’s attorney general said Tuesday. Citigroup will make refunds to the 53,000 customers affected, and pay $3.5 million in damages and civil penalties to the state of California, which had been investigating the questionable practices for three years, the attorney general said. The bank will also pay 10 percent interest to California customers, who accounted for $1.6 million of the money “swept” out of accounts and into a Citi fund between 1992 and 2003. Citigroup’s “account sweeping program” automatically removed positive balances from customers’ credit card accounts, an attorney general said. For instance, if a customer double-paid a bill by mistake or refunded a purchase for credit, that positive balance was then taken from the customer without notification, he said. Citigroup, however, said in a statement that it voluntarily stopped the computerized “sweeping” practice in 2003, and that it also voluntarily began refunding customers before the settlement. Source: http://ap.google.com/article/ALeqM5im7vDRMYCHb80J8mbj_wexTdskBAD92Q6F503


Information Technology


41. August 27, VNUNet – (National) Malware rockets again. Last month saw more web-based malware blocked than the whole of 2007, an increase of a third, according to security as a service vendor ScanSafe. The firm’s latest Global Threat Report for July found an increase of 87 percent in web-based malware blocks from June to July, mainly caused by the increasing use of SQL injection attacks. July also saw a surge in social engineering-based email attacks, where users are tricked into installing backdoor Trojans and other malware on their PCs. According to ScanSafe, 95 percent of its customers tried to click on links to malicious sites in these emails. Source: http://www.vnunet.com/vnunet/news/2224747/malware-rockets-again


42. August 26, SPAMfighter – (National) Three botnets yield 75% spam in H1 2008, says Marshal. The Threat Research and Content Engineering (TRACE) report by Marshal for H1 2008 revealed that three botnets accounted for 75 percent of spam in the January-June 2008 review period. All the three botnets produced billions of messages every hour through zombie computers. The analysis further revealed that cyber criminals are employing blended attacks to send malware and links to hacked Websites through e-mails on a massive scale. Un-patched browsers are making more than 45 percent of users vulnerable to attacks by exposing their personal details when they visit the legitimate site loaded with malicious code, said Marshal. Marshal said the volume spam doubled in the first six months of 2008. Srizbi botnet, the most productive offender during review period, sent more than 7.80 billion spam messages every hour. Srizbi is the world’s largest botnet controlling over 315,000 compromised machines and sending more than 50 percent of the total spam mails, followed by Mega-D and Rustock each accounting for 14 percent. Marshal further said that 90 percent of spam originated from a mere seven botnets, pointing to millions of computer infected with Trojan worldwide Source: http://www.spamfighter.com/News-10838-Three-Botnets-Yield-75-Spam-in-H1-2008-Says-Marshal.htm


Communications Sector


43. August 26, Monterey County Herald – (California) Broken cable hits cell phone service. A broken fiber-optic cable in the San Jose area disrupted Verizon cell phone service from Eureka to Santa Barbara, a company spokeswoman said Tuesday afternoon. She said crews are working to repair the line owned by Qwest Communications that was cut about 2 p.m., adding that other communications companies may be affected. Verizon cell phone users may experience call failure, poor call quality, or be unable to access features such as voice mail, depending on the cell phone towers in their area, she said. Disruptions occurred in Monterey, San Jose, San Luis Obispo, Santa Barbara, Chico, Redding, Yreka, and Eureka. Source: http://www.montereyherald.com/breaking/ci_10308867