Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, October 2, 2008

Daily Report


According to the Stephens Washington Bureau, the government on Tuesday issued long-awaited radiation standards for the proposed Yucca Mountain repository, setting a key public health threshold for experts to judge whether the nuclear waste site should be built. (See item 7)

7. October 1, Stephens Washington Bureau – (National) EPA sets Yucca radiation standards. The government on Tuesday issued long-awaited radiation standards for the proposed Yucca Mountain repository, setting a key public health threshold for experts to judge whether the nuclear waste site should be built. A regulation issued by the U.S. Environmental Protection Agency purports to set the acceptable levels of radiation that people could receive from the Nevada site up to 1 million years in the future. Now, in order to win a construction license, the U.S. Department of Energy (DOE) must prove, through complex computer modeling, that the underground tunnel system it wants to excavate 100 miles northwest of Las Vegas to store spent nuclear fuel can meet the safety requirement. “With the issuance of the EPA standard for Yucca Mountain, the regulatory framework is in place for the nation to move forward to a regulatory decision by the NRC on Yucca Mountain,” said a DOE spokesman. Source:

The Associated Press reports that a hacker attacked the University of Indianapolis’ computer system and gained access to personal information and Social Security numbers for 11,000 students, faculty, and staff. (See item 36)

See the details in the Information Technology section below.


Banking and Finance Sector

10. October 1, Reuters – (National) SEC gives banks more leeway on mark-to-market. In the new guidance, the U.S. Securities and Exchange Commission (SEC) reminded financial services firms that they do not need to use fire sale prices when evaluating their hard-to-price assets. U.S. accounting rule makers assume that the factors used to come up with fair values are based on an orderly transaction between willing market participants. The SEC document said that “distressed or forced liquidation sales are not orderly transactions.” Under U.S. accounting rules, assets can be valued based on a simple price quote in an active market. But the hardest-to-value assets are often based entirely on management’s best estimate derived from mathematical models. The SEC’s guidance says that sometimes the level 3 inputs may be more appropriate than the so-called level 2, or observable, factors. Others have said that the changes have not gone far enough. Source:

11. October 1, Bloomberg – (National) Lehman, Bank of America, Huntsman in court news. Creditors in Lehman Brothers Holdings Inc.’s bankruptcy case, the biggest ever, urged a judge to reject a loan for the collapsed bank, arguing that proceeds from asset sales are enough to fund its day-to-day operations. A U.S. bankruptcy judge in Manhattan gave interim approval for New York-based Lehman to borrow an initial $200 million from Barclays Plc. on September 17 and had said he would hold a hearing on whether to approve an additional $250 million for the debtor-in-possession loan. The creditor panel, which acts on behalf of thousands of Lehman’s unsecured stakeholders, includes Bank of New York Mellon Corp. and Wilmington Trust Co. as trustees for bondholders owed about $155 billion. When it sought bankruptcy protection September 15, Lehman listed more than $613 billion in debt as of May 31, dwarfing WorldCom Inc.’s 2002 bankruptcy, previously the largest. Source:

12. October 1, Bloomberg – (National) Lehman, Bank of America, Huntsman in court news; Bank of America, Countrywide sued over data sale. Bank of America Corp. and its Countrywide Financial unit were sued by consumers who contend their personal data was not adequately protected before a senior analyst obtained the information and sold it. Two mortgage-holders are seeking unspecified damages and class-action, or group, status on behalf of two million people whose personal profiles were compromised, according to the federal lawsuit. A former Countrywide analyst was arrested and charged with exceeding authorized access to a financial institution computer, a U.S. attorney in Los Angeles said on August 1. The analyst faces as long as five years in prison. Source:

13. September 30, Dark Reading – (National) Attackers mix online, offline exploits to mask financial fraud. Professional cybercriminals are deploying multichannel attacks that split the attack cycle into pieces that may not look like they are related. This combination of offline and online activity, for instance using wire transfers and ATM transactions as well rather than a pure online transaction with a bank, lets the attacker stay under the radar of forensics or other incident tracking. One example of this type of attack is the Coreflood botnet Trojan, which is notorious for performing reconnaissance on its victims. Coreflood has stolen user account information, Webpage content, digital credentials, and browser cookies. It also made sure the server it used appeared to be from the same geographic location as the victim. Banking customers can protect themselves from these multipronged — and often silent — attacks with the usual best practices: updated antivirus and anti-spyware, patching one’s machine, and never clicking on an email purportedly from a financial institution. Source:

Information Technology

33. October 1, MX Logic – (New York) NY tops computer virus threat list. New Yorkers could be most in need of virus protection in light of new figures showing the city is at highest risk of infection. Research conducted by security software firm PC Tools ranks New York top of the list of most at-risk cities in the U.S., reports NY1. Houston, Los Angeles, Chicago, and Miami also appear in the top five, with the statistics based on the number of attacks suffered by each individual user. Meanwhile, a lack of virus protection was recently identified as one of the top ten vulnerabilities Windows users could face. Source:

34. October 1, VNU Net – (National) RogueSecurity Trojan dominates September attacks. The RogueSecurity Trojan and its variants accounted for 61.5 percent of all malware attacks during the month, taking the top four positions in the security firm’s malware list. “Not since the start of this year when the notorious Storm virus made a continuous run of devastating attacks has any comparison been seen with this level of activity,” said internet security firm Fortinet. “However, where the Rogue security applications excel is the accumulated volume, maintaining these extreme levels of activity for at least six days, not to mention the other variants.” The bulk of malware activity occurred in the second and third week of September, with the W32/Inject.GZW!tr.bdr Trojan peaking at nearly two million in the middle of the month. Source:

35. September 30, Register – (National) Stealthy malware expands rootkit repertoire. Security researchers have discovered one of the most subtle and sophisticated examples of Windows rootkit software known to date. The AutoRun-NOX worm extends the standard VXer trick of using software vulnerabilities to infect systems, by including functionality that allows the worm to exploit Windows security bugs to hook into parts of the Windows system that operate below the radar of anti-virus packages. The worm uses a long-standing Windows vulnerability, patched by Microsoft in April 2007, involving a GDI privilege elevation flaw. If the attack using the vulnerability fails, the worm falls back to plan B — using the more common (but less elegant) driver method. Source:

36. September 30, Associated Press – (Indiana) Hacker compromises data on 11,000 at U. of Indy. A hacker attacked the University of Indianapolis’ computer system and gained access to personal information and Social Security numbers for 11,000 students, faculty, and staff, the school said. The 4,300-student university’s information technology staff and outside computer security experts are investigating the breach, which was discovered September 18 when another institution warned the school. The Federal Bureau of Investigation also was notified. It was not clear whether any data was stolen in the September 8 attack. Investigators believe the attack may have originated outside the United States because a foreign language was found embedded in programming code. Source:

Communications Sector

37. September 30, Associated Press – (Vermont) FairPoint outlines Vt. broadband expansion plan. FairPoint Communications Inc. will provide broadband services to all of its customers in communities served by 51 telephone exchanges across the state by the end of 2010, company officials said Tuesday. The services will be provided in many rural communities as well as more built up areas by using a combination of wired and wireless service hooked up to a major network that a FairPoint engineer compared to an interstate highway. In March, FairPoint took over the landline services from Verizon Communications Inc. in Vermont, New Hampshire, and Maine. To win approval for the deal from state regulators in Vermont, the company committed itself to increasing customers’ access to broadband that provides high-speed Internet access to computer users. In the Vermont deal, FairPoint took over 99 telephone exchanges. The 51 exchanges that will see 100 percent coverage within the next two years are located in all 14 counties. FairPoint officials say similar projects are under way in Maine and New Hampshire. Source:

38. September 30, Associated Press – (New York) NY regulators get tough on Verizon FiOS installs. New York regulators have raised the possibility of banning Verizon Communications Inc. from installing its fiber-optic FiOS service in New York City until the company makes sure it is doing enough to provide electrical grounding for its equipment in homes. Poorly grounded equipment or cables could give electrical shocks or start fires, but there have been no reports of FiOS equipment causing harm to people or property, Verizon said. The New York State Public Service Commission, which regulates telecommunications, has been dogging Verizon on the electrical issue since 2006, and the staff concluded in a report to the commission last week that the company’s remedies do not go far enough. New York is the only state to have raised these concerns, but Verizon is installing FiOS in 15 others. Source: