Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, September 3, 2008

Complete DHS Daily Report for September 3, 2008

Daily Report


Reuters reports that more than 825,000 customers in Entergy Corp.’s service area in Louisiana and Mississippi were without power Tuesday morning after Hurricane Gustav made landfall Monday morning. (See item 3)

3. September 2, Reuters – (Louisiana; Mississippi) Gustav Louisiana and Miss. power outages top 825,000: Entergy. More than 825,000 customers in Entergy Corp.’s service area in Louisiana and Mississippi were without power Tuesday morning after Hurricane Gustav made landfall Monday morning near Cocodrie, Louisiana. Entergy could not say when it would restore service to customers, including several oil refineries. Reports from outside the company estimated it could be ten days before power was restored. The company said the restoration would rival the scale and difficulty of the Hurricane Katrina recovery as the transmission system was extensively damaged, with 134 lines and 78 substations out of service. The New Orleans and Baton Rouge area is essentially an island, no longer connected to the rest of the system, Entergy said in a report Monday night. Monday night, Entergy said Gustav caused the third highest number of outages in the company’s 95-year history. The only larger numbers were 1.1 million during Hurricane Katrina and 800,000 during Hurricane Rita in August and September 2005. Entergy also expected the number of customers affected to grow as customers returned home and reported power outages. Source:

 According to Agence France-Presse, Australia warned on Sunday of a “high risk” of terror attacks on domestic and international flights in and to the United States, urging citizens to be vigilant while in the country. (See item 19)

19. August 31, Agence France-Presse – (National) Australia warns of high risk of terror attacks on U.S. flights. Australia on Sunday warned of a “high risk” of terror attacks on domestic and international flights in and to the United States, urging citizens to be vigilant while in the country. The department urged travelers to monitor the media for information about possible new security threats. “The United States Department of Homeland Security’s Advisory System Threat Level is at Orange for all domestic and international flights, indicating a ‘high’ risk of terrorist attack,” it said. Source:


Banking and Finance Sector

12. September 1, PC Advisor – (International) Crooks planned U.S. credit card scam in UK shops. Cyber criminals are planning a sophisticated, widescale scam that involves using cloned U.S. credit cards to target self-checkouts in United Kingdom supermarkets. According to the BBC, criminals have been plotting to clone magnetic stripes to create cards, and then use these cloned cards to loot U.S. bank accounts at British checkouts. In online forums, the thieves discussed how to use self-service tills, in particular in Asda and Tesco, to conduct transactions without being watched by a cashier. But the supermarkets told the BBC that there was little chance the criminals would make significant gains. A security expert at software supplier RSA said cloning the magnetic stripe on the card is “one of the simplest ways to commit fraud”. Unlike the UK chip-and-pin system, U.S. credit cards require only a signature for transactions. In the planned scam, the fraudster would create cloned cards, and could therefore use any signature they wish. The Dedicated Cheque and Plastic Crime Unit said the only way to effectively stop this type of crime was for the U.S. to follow Europe in using the chip and pin system. “Ultimately, the buck stops with the U.S.,” a spokesperson said. Source:

13. August 31, Boston Globe – (National) Could this chip have prevented the TJX breach? TJX. Cos. is urging banks and other retailers to embrace a multibillion-dollar technology that uses a tiny computer chip to stop criminals from using stolen debit and credit cards. In one of the first interviews by a top TJX executive following a record security breach, the vice chairman told the Globe that the U.S. payment system should follow countries in Europe and Asia that have rolled out credit and debit cards embedded with computer chips. If the cards were in use worldwide, he said, the technology would have ruined a scheme in which thieves stole as many as 100 million account numbers from TJX since 2005, by making the numbers harder to reuse. Many other countries already have introduced the high-tech cards that slide into special readers at the checkout counter. But the technology has not caught on in the U.S. because of the high costs, and TJX says that puts the country at a greater risk for fraud. The official also proposes that card companies, banks, and retailers share the costs of upgrading to a “Chip and PIN” system. The name refers to the computer chips embedded on payment cards and the personal identification numbers required to authenticate purchases made with those cards. Such an upgrade would likely cost billions to introduce in the United States, industry specialists estimate, including around $2 for each new credit card and up to $500 for each of merchants’ 12 million card readers. Source:

14. August 31, Associated Press – (National) Chinese bankers, wives found guilty in bank scam. Two former Bank of China managers and their wives have been convicted Friday in U.S. District Court in Las Vegas of racketeering conspiracy, money laundering conspiracy and conspiracy to transport stolen money. They ran an elaborate, 13-year scheme to embezzle $485 million from a state-owned bank and laundered the money in other countries. Prosecutors said they tried to launder more than $3 million by making deposits at several Las Vegas casinos, which can operate like banks. The casinos were not accused of wrongdoing. They said the bankers’ wives helped launder the money, entered the U.S. illegally, and received U.S. citizenship and passports through deceit. Source:

Information Technology

49. September 2, SpamFighter – (International) Russian spammers involved in building new botnet for more attacks. According to the University of Alabama at Birmingham (UAB) Spam Data Mine, the Russian-Georgian Cyber War reached a new height on the morning of August 17, 2008 when over 500 e-mails were received in just 90 minutes at the UAB. The university started receiving poorly crafted e-mails on August 15, 2008, and now they account for five percent of the total spam traffic. Moreover, the e-mails contain attractive headlines such as “Mikheil Saakashvili gay scam - news of the week” that lure victims into reading a phony BBC story on the Georgian President. The link provided in the e-mails takes victim to a Web server loaded with malicious content and it tries to compromise the user’s system. It seems that spammers are trying to build a botnet but the motive behind establishing this network is still unclear. It may be used for launching more attacks against computers of the Georgian government. The director of Product Management with Symantec Security Response said that the malevolent software is a new variant of Trojan.Blusod program, as reported by NetworkWorld. Earlier, spammers used this Trojan to load antivirus program on computers by making users believe that their system infected with virus and the program could clean the problem on charges. Source:

Communications Sector

50. September 2, Webwire – (Texas) AT&T offers free phones to Gustav evacuees. AT&T Inc. announced Tuesday the availability of at least 2,000 GoPhone devices with $15 in air time to residents who have been ordered to evacuate their homes due to Hurricane Gustav. The phones will be made available on a first-come, first-serve basis while supplies last to residents who live in any area that government has declared a mandatory evacuation area. The phones will be available at all company-owned AT&T retail locations in Houston and San Antonio, Texas, both cities seeing large numbers of incoming evacuees from Louisiana and far southeast Texas. AT&T is rushing extra shipments of GoPhones to the Houston and San Antonio stores, and they are expected to be available as early as Monday evening. Source:

51. September 1, Princeton Daily Clarion – (Indiana) Insight cable, Internet, phone back on in most areas. Contractors spent most of the day Monday repairing cable lines in Fort Branch, Indiana, that were damaged when a group of hunters shooting at doves perched on the lines damaged fiber optic equipment, according to an Insight Communications spokesman. Insight cable television, high-speed Internet, and digital telephone service were back up and running in most areas around 6 p.m., he reported. Repair personnel were forced to splice together fiber optic lines the size of a human hair, as service came and went throughout the afternoon. Source:

52. August 31, Salt Lake Tribune – (Utah) Broadweave has been operating the fiber-optic network since July. Early Saturday morning, the Mayor of Provo, Utah, and Broadweave Networks’ chief executive signed final documents to close the $40.6 million sale of the iProvo fiber-optic network. Broadweave started operating the network in July, but the final settlement was delayed as its investors reviewed the purchase agreement. Broadweave will provide wholesale access for Veracity and Nuvont and retail service to former Mstar customers. Provo borrowed $39.5 million in 2004 to build the iProvo fiber-optic network to provide television, Internet and phone service to residents. The city planned to be the system provider, but state law restricted it to being a wholesale provider, leasing bandwidth to companies. Source: