Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, September 17, 2008

Complete DHS Daily Report for September 17, 2008

Daily Report

Headlines

 Reuters reports that utilities worked on Monday to restore power to the nearly four million customers from Texas to New York that lost power as a result of Hurricane Ike, most of them in Texas where the storm hit. (See item 4)


4. September 15, Reuters – (National) Utilities working to restore power after Ike. Utilities worked on Monday to restore power to the nearly four million homes and businesses from Texas to New York that lost power as a result of Hurricane Ike, most of them in Texas where the storm hit on Saturday morning, according to U.S. government and utility company reports. The Sabine Power Station in southeast Texas power plant will be out for weeks after it was flooded with four feet of water and became a refuge for snakes and other animals, said plant owner Entergy Corp. The U.S. Department of Energy (DOE) said that at the height of outages on Monday, as many as 3.8 million customers lacked power in a nine-state swath from Texas to New York. On Monday, crews worked to restore power to about 1.8 million homes and businesses in Texas, 785,000 in Ohio, 472,500 in Kentucky, 126,000 in Louisiana, and 108,000 in Arkansas, company and DOE figures showed. Smaller numbers were reported out in Illinois, Missouri, Pennsylvania, and New York, where many by Monday night had already had power restored, utility companies said. On Sunday, Texas officials warned that some homes and businesses were likely to be without power for a month or more in the hardest-hit coastal areas. Entergy said it restored power to nearly 255,000 of the 705,400 customers that lost power from Ike in Texas, Louisiana, and Arkansas. Source: http://www.reuters.com/article/rbssIndustryMaterialsUtilitiesNews/idUSN1532367320080916?pageNumber=1&virtualBrandChannel=0


 According to the Navy Times, some of the U.S. Navy’s newest ships have cruised without the Phalanx Close In Weapons System (CIWS) in hot spots throughout the world. A retired Office of Naval Intelligence analyst said that destroyers without CIWS were not as prepared to deal with threats close aboard. (See item 8)


8. September 16, Navy Times – (National) Analyst: DDGs without CIWS vulnerable. The 20 most recent Arleigh Burke-class destroyers have arrived from the shipyard missing something – the distinctive white domes of the Phalanx Close In Weapons System. The first 34 Burkes carry two of the 20mm, six-barrel Gatling guns, known as CIWS, which can find and shoot down air targets that slip through the outer defenses of a ship or task group. But since 2002, destroyers have come from the builders without the guns, as plans called for a new missile, the Evolved Sea Sparrow (ESSM), to take their place. But technical problems delayed the missile’s fleet introduction, so commanders decided in 2002 to outfit new ships with the standard CIWS until the ESSM came online. Eventually, every DDG 51-class destroyer will carry both. In the interim, some of the Navy’s newest ships have cruised without CIWS in hot spots throughout the world, including the 5th Fleet area of operations and the Western Pacific. Navy officials say the destroyers were capable of carrying ESSMs in their vertical launch tubes, giving them the ability to shoot down incoming missiles. But whether the ships actually had the weapons aboard – and whether they could hit nearby targets on the surface, as CIWS can – is unclear. A retired Office of Naval Intelligence analyst said there was no question that destroyers without CIWS, or with just one aft, were not as prepared to deal with threats close aboard. “We should not be sending any ships into range of potentially hostile missile attacks without 360-degree CIWS coverage,” he said. Source: http://www.navytimes.com/news/2008/09/navy_ciws_091508w/


DHS Daily Open Source Infrastructure Report

Details

Banking and Finance Sector

9. September 16, Los Angeles Times – (California) SEC sues three in alleged Ponzi scheme. Federal securities regulators sued a lawyer and two former partners Monday, accusing them of a scheme to use at least $20 million of investors’ money “as their own personal piggy bank.” In its civil complaint, the Securities and Exchange Commission accused the men of taking in $52.7 million from more than 150 investors. The trio had promised to put the money in securities known as private investment in public equity, or PIPEs, which they said would return as much as 54 percent in 12 to 16 weeks, according to the SEC’s lawsuit, which was filed in U.S. District Court in Santa Ana, California. “Instead, the defendants engaged in a Ponzi scheme, used investor funds to pay off other investors and misappropriated investor funds for their own personal use,” read the complaint, which alleges fraud and other securities violations. Source: http://www.latimes.com/business/la-fi-ponzi16-2008sep16,0,5771642.story

10. September 15, Atlanta Journal-Constitution – (Georgia) 12 indicted in Atlanta mortgage fraud scheme. Local authorities said Monday they charged 12 men with an elaborate mortgage fraud scheme in Atlanta’s West End neighborhood and seized more than $200,000 of assets. In indictments filed last week, Fulton County’s District Attorney accused the men of buying and selling nine homes using false appraisals that were more than double the homes’ actual value. Five men have been arrested and charged with racketeering and residential mortgage fraud. Investigators are looking for the other seven, who are wanted on the same charges. Under the alleged scheme, one of the participants would buy a home for about $100,000 and then get an inflated appraisal for $250,000 to $300,000, authorities said. That person would then find a fictitious buyer, to file a false mortgage application to obtain a loan. Another person would help facilitate the entire transaction and receive kickbacks from the false deal, authorities said. Source: http://www.ajc.com/news/content/metro/atlanta/stories/2008/09/15/atlanta_mortgage_fraud.html

Information Technology


27. September 15, Computerworld – (International) Apple releases Mac OS X 10.5.5, patches nearly 70 bugs. On Monday Apple Inc. released Mac OS X 10.5.5 to patch at least 34 security vulnerabilities, about a third of them considered critical, and to fix another 34 reliability and stability bugs – including several in the services that synchronize Macs with other Macs, iPhones, and Palm PDAs. The security portion of the update patched bugs in the operating system’s font mechanism, Finder, image processor, kernel, log-in process, system configuration utility, and Time Machine backup application. Apple labeled nine of the 34 with its usual “arbitrary code execution” phrase. Unlike other OS makers, Apple does not rank the vulnerabilities it reports; the tag, however, puts those bugs into a category most would consider critical. Among the most notable fixes were a pair that plugged a serious hole in Apple’s implementation of the Domain Name System (DNS), the Internet’s traffic cop. “This finally patches the Dan Kaminsky exploit,” said the director of security operations at security vendor nCircle Network Security Inc. “This was the piece that was missing on the client side.” Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9114798&taxonomyId=17&intsrc=kc_top


28. September 15, CNet News – (International) Alleged TJX hacker pleads guilty. One of the hackers accused of involvement in the massive data breach targeted at major retailer TJX reportedly pleaded guilty on Thursday to wire fraud, credit-card fraud, and aggravated identity theft. He will be released subject to electronic monitoring, according to a report on the Wall Street Journal’s website. Eleven defendants in total are facing charges in federal court in Boston. TJX Companies, the parent company of the UK’s TK Maxx and Marshall’s in the U.S., said in March 2007 that 45.7 million accounts were compromised over nearly a two-year period. The company said — and U.S. federal investigators subsequently confirmed — it believed the hackers gained access to millions of credit card and debit card numbers through inadequately protected Wi-Fi networks, and then put the numbers up for sale. Source: http://news.zdnet.co.uk/security/0,1000000189,39488205,00.htm


Communications Sector

29. September 15, InformationWeek – (National) Satellite phones pitch in during Hurricanes Gustav, Ike. Hurricane Katrina taught New Orleans and the Gulf states that they did not know how to use their reliable satellite phones. This time, when hurricanes Gustav and Ike struck Texas and the Gulf states, first responders and public safety forces had been testing their satellite phones and knew how to use them. In the two weeks before the storms, sat-phone provider Iridium shipped 5,000 phones to its service providers, and the majority of those went to the Gulf states. “During Katrina we heard reports of truckloads of phones that had been bought, but no one knew how to use them,” said a spokeswoman at Iridium Satellite, in an interview Monday. “We’ve had a year-long company program for testing the systems.” She explained that first responders have been testing the satellite systems in recent months and intensified their tests in the days leading up to the hurricanes’ approach to the U.S. Source: http://www.informationweek.com/news/mobility/smart_phones/showArticle.jhtml?articleID=210601743