Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, September 4, 2008

Complete DHS Daily Report for September 4, 2008

Daily Report


 According to Reuters, both the River Bend and Waterford 3 nuclear reactors in Louisiana remained shut Wednesday morning. (See item 6)

6. September 3, Reuters – (Louisiana) Some 814,000 Entergy customers still without power. Entergy shut the River Bend nuclear power station in Louisiana Monday afternoon due to the loss of demand caused by extensive outages in the region. Before the storm hit, Entergy shut the Waterford 3 nuclear power reactor in Louisiana Sunday night in anticipation of the heavy winds forecast. Both nuclear reactors remained shut Wednesday morning. Source:

 The Associated Press reports that though Hurricane Gustav brought down cellular and Internet service in parts of Louisiana, its impact was much milder than that of Hurricane Katrina. (See item 37)

See details below in Communications Sector.


Banking and Finance Sector

10. September 3, Seacoast Online – (Maine) York police warn residents of phishing scam. York Police Department officials said they have received multiple complaints about a phishing scam. Potential victims receive a message on their home answering machine from someone who claims to be from MasterCard and asks the card holder to call (800) 723-9947. The voice, which sounds animated, says there is a problem with an overage fee or charge. An automated message at the 800 number asks the victim to provide name, card number, date of birth and other information. It is an organized scam to get personal information, said a detective. “At no time would Master Card contact a card holder about charges. Only the bank that issued the card to you would call with potential problems with the card.” Source:

11. September 2, Milwaukee FBI Office – (Wisconsin) Arrests made in major bank fraud and identity theft scheme. A Special Agent-in-Charge of the Milwaukee Office of the Federal Bureau of Investigation (FBI) announced Tuesday the arrests of two suspects, who were charged with knowingly conspiring and executing a scheme to defraud a financial institution. This multi-state bank fraud and identity theft scheme involves at least $2.6 million, and at least four financial institutions. The investigation is continuing as the individuals appear to be part of a larger fraud scheme. The bank fraud and identity theft committed involved the use of stolen personal information from victims and the use of the personal information to obtain high-dollar loans from financial institutions, purportedly to purchase boats. In some instances, the vessels themselves were fictitious. Source:

Information Technology

34. September 3, VNUNet – (International) Dramatic rise in botnet-controlled PCs. The number of computers currently controlled by botnets has exploded in recent months, according to researchers. Recent figures recorded by the Shadowserver Foundation reveal that the number of computers infected by botnets has quadrupled in the past 90 days. The increase comes despite a slight drop in the number of botnets, leading researchers to believe that the increase has largely benefited the established operators in the field. The increase has also come despite little to no increase in the volume of new malware and viruses being discovered in the wild. Some researchers believe that computers are being infected through web-based attacks, specifically SQL injection. A Sans Institute researcher noted that the increase in botnet infections seems to coincide with the appearance of large-scale SQL injection attacks, in which hundreds of thousands of web pages are compromised with embedded exploit code. He suggested that many security firms lack a mechanism for accurately rooting out the SQL attacks before they become widespread. Source:

35. September 3, – (International) USA is top hosting Web-based malware country. ScanSafe has issued data on the top three countries hosting Web-based malware including viruses, Trojans, root kits, password stealers, and other malicious programs. The U.S. ranked first (42 percent), China ranked second on the list (12 percent), and Germany ranked third (six percent). A large number of the malware hosts in the last month were part of the Asprox fast flux bot network–PCs that have been enlisted into the bot network and mask the true origin of the actual host. According to a ScanSafe report, Web-based malware has already increased by 278 percent in the first half of 2008. Web users should not associate malware only with suspect websites. More and more legitimate sites are being targeted by attackers and websites where the Olympic Games are streamed online by broadcasters could be a prime area for compromise. Source:

Communications Sector

36. September 2, Associated Press – (Arkansas) AT&T launches TV, Internet and phone service in 6 Ark. communities. AT&T Inc. on Tuesday launched a combined television-Internet-telephone service in six Arkansas communities, prompting an already established provider to remark that it welcomed the competition. AT&T had to obtain franchise agreements with communities to begin offering television service. The service is available in Benton, Cammack Village, Little Rock, Maumelle, North Little Rock, and Sherwood. The company plans to extend service in northwestern Arkansas.


37. September 2, Associated Press – (Louisiana) Gustav brings down cell, Internet service. Power outages caused by Hurricane Gustav brought down cellular and Internet service in parts of Louisiana, but its impact was much milder than that of Katrina. AT&T Inc., the main landline phone company in the state, said it had 2,000 employees working to assess damage and perform repairs. Most of its cellular towers in areas hit by the hurricane were working Tuesday, according to a spokesman. Verizon Wireless said less than one percent of its Gulf Coast cell towers were out of operation Tuesday morning, mostly due to power outages. “Power is the only critical issue affecting our network,” added a Sprint Nextel Corp. spokeswoman. On Tuesday morning, the company was waiting for permission from officials to enter stricken areas so it could connect portable generators to blacked-out cell sites and refill the fuel tanks of those that have their own generators. T-Mobile USA said it had also some network disruptions in south-central Louisiana due to commercial power issues. Source: