Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, September 2, 2008

Complete DHS Daily Report for September 2, 2008

Daily Report


 The Associated Press reports that one worker was killed and a second was injured in an explosion Thursday night at a chemical plant in West Virginia. A state official said the chemical that appears to be involved is not especially toxic. (See item 5)

5. August 29, Associated Press – (West Virginia) 1 killed, 1 injured in W.Va. chemical plant blast. One worker was killed and a second injured in an explosion at a chemical plant that shook an area west of Charleston, West Virginia. The Thursday explosion sent a fireball hundreds of feet into the air and could be felt miles away. The blast occurred in a section of the Bayer CropScience plant where waste products are treated before disposal, a Bayer spokesman said. The unit had been closed for maintenance and was restarted earlier in the week. A state official said the chemical that appears to be involved is not especially toxic. Bayer said the cause of explosion has not been determined. The unit was shut down and will not be restarted until the company determines that it can be safely operated. A State Department of Environmental Protection spokeswoman said the plant produces several chemicals, including the one primarily involved in the fire, methyl isobutyl ketone. Methyl isobutyl ketone is used a solvent for gums, resins, paints, varnishes, lacquers and nitrocellulose, according the U.S. Environmental Protection Agency’s Web site. Air monitoring found no sign of chemical exposure, either on or off the site, Bayer said. As a precaution, emergency officials temporarily closed Interstate 64, U.S. 60 and state Route 25. Also, residents in at least five nearby communities were told to stay indoors. The highways were reopened and shelter-in-place orders lifted shortly after 2 a.m. Friday. Source:

 According to Wenatchee World, a Washington state investigation this summer discovered nearly 600 bodies of water that appear from aerial photographs to be illegally dammed reservoirs. The 244 dams and reservoirs identified as “high hazard” will be examined by a state inspector. (See item 32)

32. August 29, Wenatchee World – (Washington) Nearly 100 suspected illegal dams discovered in NCW. Nearly 600 bodies of water that appear from aerial photographs to be illegally dammed reservoirs – the largest one covering 26 acres – were discovered during a state investigation this summer. “We knew there were some out there, but we were surprised by the number of them,” said the dam safety supervisor for the state Department of Ecology. The agency scanned high-resolution aerial photos taken across the state to find reservoirs held by earthen dams that were built without required state permits. At the same time, property owners were given several months to voluntarily come forward and own up to having an unlicensed dam and reservoir without facing penalties. Of the 594 suspected illegal dams found in the pictures, 99 are in north central Washington. Grant County had the most in the state with 77. The 244 dams and reservoirs identified as “high hazard” – because they sit above at least three homes – will be examined by a state inspector, and then the property owners will be required to hire an engineer to provide recommendations on how to bring the facilities up to current safety standards. Source:


Banking and Finance Sector

10. August 28, Reuters – (National) Bank of NY Mellon data breach now affects 12.5 mln. Bank of New York Mellon Corp said on Thursday that a security breach involving the loss of personal information is much larger than previously reported, affecting about 12.5 million people, up from 4.5 million. The case is the largest new reported U.S. data breach in 2008, as measured by the number of exposed records, according to the Identity Theft Resource Center. According to Connecticut officials, the case stemmed from the bank’s February 27 loss of six to 10 unencrypted tapes, while it was transferring back-up tapes that contained names, addresses, birth dates and Social Security numbers. Source:

11. August 28, Mercury News – (National) Former venture capital manager convicted of stealing $20 million from clients. A 49-year-old former Silicon Valley venture capital fund manager was convicted of stealing more than $20 million from 13 clients. Prosecutors say that in 1999, the culprit began working as the manager of Anila Fund, a $15 million venture capital fund in Palo Alto. Over the next six years, he formed shell companies to raise money for the fund. He obtained loans and investments from banks, large corporations and some private citizens by exaggerating his personal wealth and the success of the shell companies, according to prosecutors. He provided his investors with dozens of phony financial statements and counterfeit documents, and forged signatures on signature cards, bank checks and stock certificates. At his sentencing, he is expected to be ordered to pay restitution to the 13 clients, which include US Bank, Wells Fargo, Eastman Kodak, Bank One and Silicon Valley Bank. Source:

Information Technology

26. August 28, Web Wereled Netherlands – (International) Defending Islam, hacker defaces thousands of Dutch websites. Over the last six weeks, a ‘hacktivist’ calling himself ‘nEt^DeViL’ has hijacked numerous Dutch sites, posting ideological statements on their home pages in retaliation for the anti-Islamic short film “Fitna” which was made and released earlier this year by a right-wing Dutch politician. Such an attack is known as website defacement., a website that tracks website defacement attacks worldwide, has documented thousands of compromised websites over the last months. Zone-H reports that ‘nEt^DeViL’ has hacked 18,157 websites as of Thursday, August 28. Source:

27. August 28, Redmond Mag – (National) Microsoft updates IE patch due to VML flaw. Microsoft this week released an update to a 2007 Internet Explorer (IE) patch covering Internet Explorer 5.01, Internet Explorer 6, and Internet Explorer 7. The update follows the company’s cumulative general security patch release for August, which included critical fixes for Microsoft’s browser application. The software giant says this latest IE security update, which was published on Wednesday, “resolves a privately reported vulnerability” in the Vector Markup Language (VML) implementation in Windows. The main purpose of VML is to allow servers to communicate with one another and share structured data, particularly via the Web. The updated IE patch addresses the kill bit for ActiveX controls, as well as the way certain strings in cascading style sheet (CSS) files are configured and aggregated for Web publishing. Source:

Communications Sector

28. August 28, Fort Wayne Journal Gazette – (Indiana) Fiber optic line cut. A fiber optic line was cut Thursday in Indiana, disrupting communications in several northeast Indiana counties, the Indiana Emergency Management Agency reported. In a statement relayed by the National Weather Service, the agency said work to fix the line is in progress, but when the work will be finished has not been determined. Service was disrupted in Allen, Adams, Blackford, Huntington, Jay, and Wells counties, the statement said. Source:

29. August 28, Associated Press – (Washington) Phone companies can’t ban class action in Washington. The Washington State Supreme Court has unanimously ruled that class-action lawsuit waivers in phone company contracts are not valid in Washington State because they violate state law. The high court’s decision was similar to a ruling it made last year in a case against Cingular Wireless. In Thursday’s case, a man sued AT&T over Wenatchee city taxes that showed up on his bill after he got long distance service in 2002. He actually lived outside Wenatchee city limits, but AT&T told him it charged the tax according to zip code - even though his zip code extended to people living outside the city. Source: