Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, September 9, 2008

Complete DHS Daily Report for September 9, 2008

Daily Report


 CNN Money reports that federal officials unveiled the takeover of Fannie Mae and Freddie Mac, putting the government in charge of the mortgage giants and the $5 trillion in home loans they back. (See item 13)

For details see Banking and Finance sector below.

 Reuters reports that a Boeing machinist strike that is halting production at the plane maker’s Seattle-area plants is likely to cause problems for a long list of suppliers across the world in an increasingly global aerospace business. (See item 16)

16. September 8, Reuters – (National) Boeing strike threatens global aero industry. Boeing Co’s 27,000 machinists prepared for the third day of a strike, halting production at the plane maker’s Seattle-area plants in protest at Boeing’s contract offer and what they see as plans to shift more jobs to non-union and foreign companies. The fourth strike in 20 years by Boeing’s biggest union threatens to cost the company $100 million a day in revenue and is likely to cause problems for a long list of suppliers across the world in an increasingly global aerospace business. Union members in the nearby IAM hall said there would be more action early on Monday Seattle time, when greater numbers of picketers are expected at the plant’s gates to see if workers attempt to cross the picket line. In the U.S., Spirit Aerosystems Holdings Inc., a former Boeing unit making the front fuselage, looks to be the most vulnerable. Aerospace component firms Rockwell Collins Inc. and Goodrich Corp. may also face inventory problems if Boeing stops taking delivery of parts. There will be no further production of Boeing’s 737, 747, 767 and 777 planes – one of the main U.S. export currency earners – and the already delayed 787 Dreamliner could fall even further behind schedule. The new freighter version of the popular long-range 777, which has 75 orders and is set for first delivery in the fourth quarter, also faces delays, along with early production work on Boeing’s new jumbo, the 747-8. Airlines have been quiet so far on the effects of the strike. Source:


Banking and Finance Sector

12. September 8, Bloomberg – (National) SEC ‘missed opportunity’ to save auction-rate buyers. The U.S. Securities and Exchange Commission failed to protect investors from the collapse of the $330 billion auction-rate market by not policing how banks sold the bonds to customers. Federal regulators did not stop brokers from selling the long-term securities to individuals as alternatives to cash late last year when credit markets seized up, though they knew dealers routinely propped up the bonds. The SEC ended a probe of bid- rigging in May 2006 by permitting 15 banks to take part in auctions as long as they disclosed it on the Internet. “It’s obvious they missed an opportunity,’’ said the Massachusetts Secretary of State, who filed complaints against UBS AG, the biggest Swiss bank, and Merrill Lynch & Co., the third-largest brokerage firm, in June and July. “They could have raised a red flag.” The collapse left investors who thought they were holding something similar to money-market funds with long-term securities they could only sell at losses of as much as 40 percent, according to data compiled by New York-based Restricted Stock Partners, which trades auction-rate bonds. Source:

13. September 7, CNNMoney – (National) U.S. seizes Fannie and Freddie. Federal officials on Sunday unveiled the takeover of Fannie Mae and Freddie Mac, putting the government in charge of the mortgage giants and the $5 trillion in home loans they back. The move, which extends as much as $200 billion in Treasury support to the two companies, marks Washington’s most dramatic attempt yet to shore up the nation’s housing market, which is suffering from record foreclosures and falling prices. The sweeping plan, announced by the Treasury Secretary and the director of the Federal Housing Finance Agency (FHFA), places the two companies into a “conservatorship” to be overseen by the Federal Housing Finance Agency. Under conservatorship, the government would temporarily run Fannie and Freddie until they are on stronger footing. On Sunday, officials stressed that both Fannie and Freddie will be open for business on Monday morning, although the firms will have undergone a dramatic facelift by then. In addition, the Treasury Department announced a series of moves targeted at providing relief to both housing and financial markets. The Treasury would boost housing by purchasing mortgage-backed securities from Freddie and Fannie, as well as offering to lend money to the companies and the 12 Federal Home Loan Banks. The home loan banks advance funds to more than 8,000 member banks. The Treasury, with fellow regulator FHFA, will also buy preferred stock in Fannie and Freddie to provide security to the companies’ debt holders and bolster housing finance. Source:

14. September 5, Wired Blog Network – (International) Israeli hacker known as “The Analyzer” suspected of hacking again. Canadian authorities have announced the arrest of a 29-year-old Israeli believed to be the notorious hacker known as “The Analyzer” who, as a teenager in 1998, hacked into unclassified computer systems belonging to NASA, the Pentagon, the Israeli parliament and others. The culprit and three Canadians were arrested for allegedly hacking the computer system of a Calgary-based financial services company and inflating the value on several pre-paid debit card accounts before withdrawing about CDN $1.8 million (about U.S. $1.7 million) from ATMs in Canada and other countries. The arrests followed a months-long investigation by Canadian police and the U.S. Secret Service. Source:

15. September 5, Orlando Sentinel – (Florida) Police warn of ‘phishing’ scam targeting bank customers. The Altamonte Springs, Florida, Police Department announced that the Bank of America Fraud Response team is currently investigating an e-mail “phishing” scam that attempts to obtain unauthorized access to banking software including Bank of America Direct. Recent fraudulent e-mails appearing to be from Bank of America have been identified as phishing e-mails. The e-mail may ask customers to verify confidential account information by clicking on a Customer Verification Form with a fraudulent link provided in the e-mail. The message may refer to a required or mandatory confirmation necessary for a routine software upgrade. Phishing e-mails often contain links that if clicked, may trigger the installation of malicious software onto the client’s computer that can capture sensitive data, including information about their Bank of America and other financial institution accounts. Source:

Information Technology

48. September 8, CNET News – (National) Facebook app herds PCs into botnet. Researchers have created a proof-of-concept application for Facebook that turns the machines of people, who add the app to their Facebook page, into elements of a botnet. In a demonstration, the botnet launched denial-of-service attacks on a victim server. “Social-network websites have the ideal properties to become attack platforms,” according to the Antisocial Networks: Turning a Social Network into a Botnet paper, written by five researchers from the Institute of Computer Science in Greece and one researcher from the Institute for Infocomm Research in Singapore. The demo application, ‘Photo of the Day’, displays a new photo from National Geographic every day. However, every time someone views the photo, the host computer is forced “to serve a request of 600KB”, according to the paper. Such a botnet could be used for other types of attacks, such as spreading malware, scanning computers for open ports, and overriding authentication mechanisms that are based on cookies, the paper warns. The researchers suggested that Facebook and other social networks exercise caution in designing their platform and application programming interfaces (APIs) so that there are few interactions between the “social utilities they operate and the rest of the internet”. Source:,1000000189,39485526,00.htm

49. September 8, Network World – (National) McAfee touts “cloud-based” malware defense system. McAfee Monday is announcing a change in how it delivers malware-signature software updates that it says should result in much speedier fixes. Instead of only waiting to distribute signature updates after a daily analysis of collected malware samples, McAfee via its new McAfee Artemis Technology method is making changes to its existing software so that if suspicious and as yet-unidentified harmful code is detected on the customer’s machine during surfing or in some form of download, a process will occur in which that code will be collected and instantly uploaded to a McAfee analysis point for automated review. “You will be delivered a signature update on the fly,” said the director of security research and communication at McAfee Avert Labs. The move is part of a growing “cloud-based” antimalware movement also embraced by competitors F-Secure and Trend Micro in an effort to handle exploding malware volume. Source:

Communications Sector

50. September 8, Ars Technica – (National) New satellite to give Google Maps unprecedented resolution. As part of a joint venture between a commercial satellite imaging provider and the Department of Defense, Google launched a rocket into space Saturday. In return for undisclosed terms, Google got two considerations: its logo on the side of the launch vehicle and exclusive use of the mapping images that the satellite produces. The partnerships in the new satellite are extensive. The hardware was built by General Dynamics and put in orbit by Boeing; the funding for the project came in part from a commercial satellite imaging company, Geoeye. The rest of the funding came from the Defense Department’s National Geospatial-Intelligence Agency, which provides map-based intelligence resources. The launch took place yesterday from the Air Force’s Vandenberg Air Force Base in California. Source:

51. September 8, Washington Post – (National) Phone companies freed from reporting mandate. The Federal Communications Commission (FCC) approved late Saturday a request by telephone giant AT&T to end a decades-long requirement for the company to submit an annual report on service quality and infrastructure investments. The decision also extended to other providers, including Verizon Communications and Qwest, which had filed similar petitions. The FCC granted the requests on the condition that the companies continue to report and track data on consumer complaints and investments for two years. Consumer groups have criticized the proposal, saying such information keeps phone companies accountable to their subscribers and gives smaller phone providers important data to remain competitive. Source: