Department of Homeland Security Daily Open Source Infrastructure Report

Monday, September 15, 2008

Complete DHS Daily Report for September 15, 2008

Daily Report


 According to the Associated Press, at least 46 million Americans are affected by trace amounts of pharmaceuticals in drinking water. Positive tests were reported in 17 additional metropolitan areas since an investigation conducted in March. However, the overwhelming majority of U.S. cities have still not tested drinking water. (See item 24)

24. September 12, Associated Press – (National) Report: Prescription drug-tainted drinking water affects 46 million Americans. Testing by local and federal officials has shown that more Americans are affected by trace amounts of pharmaceuticals in drinking water than previously thought – at least 46 million. That is up from 41 million people reported by the Associated Press (AP) in March as part of an investigation into the presence of pharmaceuticals in the nation’s waterways. The AP stories prompted federal and local legislative hearings, brought about calls for mandatory testing and disclosure, and led officials in at least 27 additional metropolitan areas to analyze their drinking water. Positive tests were reported in 17 cases, including Reno, Nevada, Savannah, Georgia, Colorado Springs, Colorado, and Huntsville, Alabama. Results are pending in three others. The overwhelming majority of U.S. cities have not tested drinking water, while eight cities – including Boston, Phoenix, and Seattle – were relieved that tests showed no detections. While the comprehensive risks are still unclear, researchers are finding evidence that even extremely diluted concentrations of pharmaceutical residues harm fish, frogs, and other aquatic species in the wild and impair the workings of human cells in the laboratory. And while the new survey expands the known extent of the problem, the overwhelming majority of U.S. communities have yet to test, including the single largest water provider in the country, New York City’s Department of Environmental Protection, which delivers water to nine million people. Source:,2933,421444,00.html

 The Associated Press reports that in a disaster, nearly two-thirds of U.S. parents would disregard orders to evacuate and would rush to pick up their kids from school, according to a new survey. The authors of the study said that despite years of government efforts to enhance disaster preparedness, schools need to do more to plan for disasters and parents need to be made aware of the plans. (See item 34)

34. September 12, Associated Press – (National) Survey finds holes in U.S. disaster preparedness. In a disaster such as an earthquake or terrorist attack, nearly two-thirds of U.S. parents would disregard orders to evacuate and would rush to pick up their kids from school, according to a new survey. The survey found that 63 percent of parents would ignore orders to evacuate and instead attempt to reunite with their children, possibly hindering rescue efforts by adding to traffic congestion. The authors of the study, released Thursday on the seventh anniversary of the September 11 attacks, said that despite years of government efforts to enhance disaster preparedness, schools need to do more to plan for disasters and parents need to be made aware of the plans. The report was commissioned by the National Center for Disaster Preparedness at Columbia University’s Mailman School of Public Health and the Children’s Health Fund. The federal Department of Homeland Security has allocated billions of dollars to help state and local governments set up disaster contingency plans. But just 44 percent of the U.S. residents surveyed this year said they have all or some of the basic elements of a disaster preparedness plan, including food, water, a flashlight with extra batteries, and a meeting place in case of evacuation. Source:


Banking and Finance Sector

14. September 12, Boston Globe – (National) Hacker pleads guilty in breach. Federal prosecutors won a guilty plea Thursday from one of 11 men who made up a ring that was charged last month with the largest data theft case in history, involving tens of millions of customers of retailers, including TJX Cos. of Framingham and BJ’s Wholesale Club of Natick, Massachusetts. Separately, the government also said it has evidence the group breached the security of many more businesses than previously disclosed. The filing did not disclose the businesses, and an assistant U.S. attorney did not release any more details in court. In all, more than 40 million credit and debit card numbers were stolen by the conspirators, he wrote, potentially victimizing hundreds of banks that issued the cards. Prosecutors said two of the men were key players in a loose-knit ring spanning countries from China to Ukraine that stole or trafficked in more than 40 million payment cards in all, causing more than $400 million in damages. The ring initially accessed customer data by using laptops to penetrate wireless networks of retail stores, from which they were able to access the companies’ servers. Source:

15. September 12, Times – (International) ‘Hacker network’ targets UAE banks in ATM cash fraud. Banks in the United Arab Emirates (UAE) are struggling to resolve a security breach after it emerged that hackers used counterfeit bank and credit cards to steal funds from customers’ accounts. An initial investigation by the banks indicated that cash machines were rigged with devices that stole customers’ PINs as they made withdrawals. One industry source suggested that the problem could be internal and more widespread. “The fact that the stolen numbers appear to have been stolen randomly suggests the banks themselves were somehow breached.” A general manager of retail banking for Emirates NBD, one of the nation’s largest lenders, said that the hackers were part of an international network, with most of the fraudulent transactions originating from more than 20 countries outside the UAE. The banks have tried to prevent further losses by sending text messages urging their customers to change their PINs, and promising to reimburse them for any funds stolen from their accounts. HSBC, Citibank, Lloyds TSB, National Bank of Abu Dhabi, and Emirates NBD have issued statements saying that the problem is under control, but some customers remain unconvinced and believe that the banks failed to protect them. Some of the lenders moved to block the accounts of clients who have failed to change their PINs, causing chaos. Dubai Bank said that it had temporarily blocked international access to its cash machines after 42 of its customers’ accounts were breached. Source:

16. September 11, Associated Press – (National) Brokerage to pay fine for alleged security breach. A brokerage firm has agreed to pay a $275,000 fine following a series of alleged online hacking incidents into customer accounts. The Securities and Exchange Commission (SEC) said Thursday that LPL Financial Services failed to protect its customers’ personal information, leaving at least 10,000 clients vulnerable to identity theft. The company, which has headquarters in Boston, Charlotte, North Carolina, and San Diego, will pay the fine without admitting or denying the allegations. A SEC order against the firm claims hackers accessed customers’ accounts between July 2007 and early 2008 and attempted to place more than 200 unauthorized trades worth more than $700,000. No arrests have been made. Source:

17. September 11, Reuters – (National) House votes to bolster SEC enforcement power. The House of Representatives passed a bill on Thursday to strengthen the enforcement arm of the U.S. Securities and Exchange Commission (SEC). The bill would give the investor protection agency broader authority to impose financial penalties and more explicit ability to ban securities law violators from other parts of the financial industry. The Securities Act of 2008 is not yet a companion bill in the Senate. The legislation includes a number of measures the SEC has been actively seeking, including the authority to obtain financial penalties from wrongdoers in SEC administrative proceedings without needing to file a separate civil action in federal court. It would also allow the SEC to prevent individuals who commit fraud in one sector of the securities industry from conducting business in other parts of the securities market. Further, it would for the first time make nationwide service of subpoenas available in civil actions filed in federal court. The bill has the support of the North American Securities Administrators Association, an association representing 67 state, provincial, and territorial securities administrators. The SEC said the bill would eliminate unnecessary duplication and extraneous responsibilities for the agency’s enforcement staff. Source:

Information Technology

37. September 11, Register – (National) ‘UK’s Chernobyl’ spam spreads Trojan. A widespread spam campaign claims that a nuclear power plant on the outskirts of London exploded on Tuesday afternoon. The email claims to offer pictures of victims. In reality, the attached zip file is contaminated with a Trojan horse, identified by net security firm Sophos as Troj/Agent-HQE. Once the malware is installed, hackers can use it to spy on the victim’s computer and steal information for financial gain. The emails typically arrive with subject lines such as – Reply: A report on radiation contamination of Canada. “Rather than use a real life event, the hackers have turned to fictional explosions and conspiracy theories in the hope they will strike a nerve with potential victims who will then click on the attachment without a second thought,” commented a senior technology consultant at Sophos. “People are sometimes tempted to click on something they receive by email in the misguided belief that their anti-virus software will always protect them,” he added. Source:

38. September 11, CNET News – (National) New tool creates fake YouTube pages for spreading malware. Cybercriminals are getting more and more business-like. The latest examples involve a tool that automates the creation of fake YouTube Web sites that can be used to deliver malware and password-cracking services for sale. Panda Security said it has uncovered a tool circulating in underground hacking forums, dubbed YTFakeCreator, that enables anyone to easily create a fake YouTube page that surreptitiously installs a Trojan, virus, or adware on a visitor’s computer, said the chief corporate evangelist of Panda Security. The tool does not spread the video link on its own. An attacker must distribute it via e-mail, FTP, IRC channels, peer-to-peer file-sharing networks, or CD. Once a visitor arrives at the page, a fake error message appears saying that the video can not be played because an important software component, such as a codec or Flash update, is missing. The visitor is prompted to download the software and the malware is installed. YTFakeCreator makes it easy for even unskilled people to set up an attack. Source:

Communications Sector

39. September 12, San Francisco Chronicle – (National) Court ruling allows regulation of cell towers. A federal appeals court reversed itself Thursday and said cities and counties can regulate the location and appearance of wireless towers and poles, a ruling that could revive a dormant San Francisco ordinance. The Ninth U.S. Circuit Court of Appeals in San Francisco upheld San Diego County’s limits on the placement, size, and design of towers and poles that are needed for companies to provide cell phone service and wireless Internet connections. The court also voted 11-0 to discard a standard it had established in 2001 that barred local governments from adopting any restrictions that “may have the effect of prohibiting” wireless services. Federal courts in the nine-state circuit have relied on the 2001 ruling to overturn restrictions on telecommunications structures in several communities, including San Francisco and Berkeley. The court said Thursday that it had misinterpreted federal law when it issued the earlier ruling, and that local governments can regulate wireless towers and poles as long as they do not actually prohibit wireless service within their borders or create a “significant gap in service coverage.” The ordinance required wireless companies to seek a city permit before locating transmitters or other installations near a park, a historic landmark, or a building with architectural importance, or on a street that the city has designated as scenic. Source:

40. September 11, Associated Press – (Texas) Phone carriers reprise Gustav plans for Ike. With Hurricane Ike bearing down on the Texas Gulf Coast, telecommunications providers are getting a quick opportunity to reprise the preparedness plans they activated last week to cope with Hurricane Gustav. Verizon Wireless, Sprint Nextel Corp., and AT&T Inc. said Thursday they had deployed mobile cell towers and extra generators and had personnel on hand to deal with network damage. Verizon Wireless said it has spent $137 million enhancing its network in the Houston Gulf Coast region in the past year, including doubling its capacity at regional switching centers to handle a barrage of calls when disaster strikes. A Sprint Nextel spokeswoman said the company has some of its key network and emergency response team staged in the San Antonio area to assess damage, help first responders, and repair damaged cell sites. AT&T Inc., the main landline phone company in the region and the country’s largest wireless carrier, said it was preparing for the storm by doing things like increasing its wireless network capacity to support increased call volume, testing backup batteries at cell sites, and protecting its facilities against flooding. Gustav’s landfall in Louisiana on Labor Day caused power outages that cut out cellular and Internet service in parts of Louisiana, but overall its impact was much milder than that of Hurricane Katrina in 2005. Source:

41. September 11, Computerworld – (National) Get ready for mobile social networks. Mobile social networking is a small part of the way people use their cell phones, but industry officials expect that use will grow. Analysts and network providers also expect that there will be affinity groups, such as doctors, engineers, lawyers, or even baseball fans, who are linked with wireless devices. The future of mobile social networks became a major topic of discussion in seminars and forums at the CTIA trade show this week. Device manufacturers, network operators, and social network providers debated how the services will be paid for and by whom, and what steps must be taken to protect user privacy and safety. The director of new services at Virgin Mobile USA LP and others said carriers and social networking sites will have to be vigilant to protect privacy and safety. Source:

42. September 11, Register-Guard – (Oregon) Stolen cable cuts phone service in Eugene. More than 800 telephone lines in Eugene are reportedly out of service Thursday afternoon because of the theft of about 50 feet of aerial cable near downtown Eugene, Oregon. Qwest Communications workers are making repairs. It is not known when service will be restored, Eugene police said. Source: