Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, October 8, 2008

Complete DHS Daily Report for October 8, 2008

Daily Report

Headlines

 U.S. Immigration and Customs Enforcement announced the extradition of a former Colombian naval petty officer on charges stemming from a conspiracy to sell navigation charts purporting to detail the locations of Colombian and U.S. Naval and Coast Guard vessels to narcotics importers. (See item 6)

6. October 6, U.S. Immigration and Customs Enforcement – (International) Former Colombian naval petty officer extradited to United States for selling naval positioning charts to cocaine traffickers. Federal and local officials announced the extradition of a former Colombian naval petty officer on charges stemming from a conspiracy to sell navigation charts purporting to detail the locations of Colombian and United States Naval and Coast Guard vessels to narcotics importers seeking to avoid interdiction by law enforcement on the high seas. These trafficking organizations generally transported cocaine from Colombia to trans-shipment points in the Caribbean Sea and Central America. Source: http://www.ice.gov/pi/nr/0810/081006newyorkcity.htm

 According to SC Magazine, a study published by Cornell University claims that most U.S. hotels are “ill prepared” to protect their guests from Internet security problems. (See item 34)

34. October 6, SC Magazine – (National) Study: Hotel network security lacking. Most U.S hotels are vulnerable to malicious attacks and are “ill prepared” to protect their guests from Internet security problems, claims a study published by Cornell University. The study, “Hotel Network Security: A Study of Computer Networks in U.S. Hotels,” examined the security of 147 hotels through surveys, interviews, and on-site testing. Of the hotels compromised, each took about 10 minutes to breach. Some hotel employees inadvertently assisted in the breach by providing passwords and access instructions. The study recommended that all hotels use Wi-Fi Protected Access (WPA) encryption, which requires a password to get on the network and encrypts all data transmitted. Source: http://www.scmagazineus.com/Study-Hotel-network-security-lacking/article/118819/


Details

Banking and Finance Sector

8. October 7, Bloomberg News – (National) Fed to purchase U.S. commercial paper to ease crunch. The Federal Reserve will create a special fund to purchase U.S. commercial paper after the credit crunch threatened to cut off a key source of funding for corporations. The Fed Board invoked emergency powers to set up the unit, the central bank said in a statement released in Washington. The Fed did not say how much commercial paper, which hundreds of companies use to finance payrolls and meet other cash needs, it plans to purchase. Treasuries declined and two-year notes fell for the first time in five days, pushing yields up from the lowest level since March, after the central bank invoked emergency powers to support the financing needs of corporations. Source: http://www.bloomberg.com/apps/news?pid=20601087&sid=aAyx4qPsKSZk&refer=worldwide

9. October 6, Zycko News – (International) Banks ‘prioritizing data security and compliance.’ Spending on security-related technology is set to increase, if risk management and security compliance continue to be top priorities within banks, after over half of banks claim that their security budget will rise over the next two years, research has found. The 2008 Independent Community Bankers of America’s (ICBA) Community Bank Technology Survey reveals that 54 percent say they will spend more on data compliance. While 89 percent of banks say they have an IT business continuity plan for data security, this drops to 80 percent for those with a similar strategy for data security breaches, the research uncovers. Source: http://www.zycko.com/news/18813419-Banks_prioritising_data_security_and_compliance

10. October 6, E Week – (National) How Wall Street can mitigate financial fraud using biometric authentication. Risk control procedures are not enough to mitigate fraud on Wall Street. Biometric authentication is a reliable solution for preventing security breaches. SAP (business software) users can mitigate fraud by using bioLock (from realtime North America), the certified biometric solution using fingerprints. Even if log-in passwords were obtained, the fraudster would not be able to do anything with the passwords because the biometric authentication system would deny him access to perform transactions. The biometric approach is crucial for maintaining segregation of duties when employees gain new responsibilities. Biometrics will prevent data breaches of security. Fraudsters will not limit their fraudulent activities trying to perpetrate frauds using only an ERP (Enterprise Resource Planning software) system. Users of ERP systems must also secure e-mail systems and any trading systems interfacing with an ERP system. This would tighten security and improve accountability. Source: http://www.eweek.com/c/a/IT-Management/How-Wall-Street-can-Mitigate-Financial-Fraud-using-Biometric-Authentication/

Information Technology


31. October 7, VNU Net – (National) Symantec warns of alarming spam trends. Symantec’s monthly State of Spam report claims that malware-laden messages are far more common than in the first half of the year. The security firm estimates that 1.2 percent of all email messages sent contain a malicious payload. Overall, Symantec found that spam comprises some 78 percent of the global email volumes. While attached .zip and .rar archives were the most popular method for spreading malware, researchers also found that embedding attack code within the source code of the message itself is becoming popular. ”The increase began in May 2008 and continues to the present,” the company said in the report. ”During this period, there has also been an increase in email messages carrying malware payloads, not just links to malicious code.” The majority of the malicious payloads were generic Trojan, downloader and information stealing applications. Source: http://www.vnunet.com/vnunet/news/2227603/spam-getting-nasty-symantec


32. October 6, The Register – (International) Boffins (finally) publish hack for world’s most popular smartcard. Two research papers published Monday have finally made it official: the world’s most widely deployed radio frequency identification (RFID) smartcard - used to control access to transportation systems, military installations, and other restricted areas - can be cracked in a matter of minutes using inexpensive tools. One paper - published by researchers from Radboud University in Nijmegen, The Netherlands - describes in detail how to clone cards that use the Mifare Classic. The chip is used widely throughout the world, including in London’s Oyster Card, Boston’s Charlie Card, and briefly by a new Dutch transit card. Manufacturer NXP and the Dutch government had tried in vain to prevent the researchers from disclosing their findings, arguing that the findings would enable abuse of security systems that rely on the card. Source: http://www.theregister.co.uk/2008/10/06/mifare_hack_finally_published/


33. October 6, Dark Reading – (International) Free tool hacks banking, webmail, and social networking sessions. A researcher will demonstrate a free, plug-and-play hacking tool this week that automatically generates man-in-the middle attacks on online banking, Gmail, Facebook , LiveJournal, and LinkedIn sessions – even though they secure the login process. The researcher, who recently released the so-called “Middler” open-source tool, will show it off at the SecTor conference in Toronto. Aside from the unnerving capability of hacking into sites that perform secure logins and then use clear-text HTTP, Middler is also designed for use by an attacker with no Web-hacking skills or experience. ”The Middler allows an attacker with no Web application-hacking experience to launch attacks that previously required substantial time and skill,” according to the Middler Web page. The Middler basically clones the victim’s online session by using the same cookies and HTML form parameters as the victim. Then the attacker can inject malicious JavaScript onto the Web pages, redirect the user to another page, or log the victim’s session. Source: http://www.darkreading.com/document.asp?doc_id=165303&WT.svl=news1_1


Communications Sector

Nothing to report