Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, October 9, 2008

Complete DHS Daily Report for October 9, 2008

Daily Report


 An Atlanta Journal-Constitution investigation found that the staff of the 911 center in Fulton County, Georgia, has caused scores of mistakes in recent years that at times endangered those seeking help and the emergency crews sent to provide aid. (See item 42)

42. October 5, Atlanta Journal-Constitution – (Georgia) Widespread problems found at Fulton 911. The staff of Fulton County’s 911 center has caused scores of mistakes in recent years that at times endangered those seeking help and the emergency crews sent to provide aid, an Atlanta Journal-Constitution investigation has found. A review of nearly five years of call-center disciplinary records reveals instances of insubordination, fighting, sleeping on the job, tardiness, and absenteeism. According to records obtained under the Georgia Open Records Act, during an almost five-year period, about 1,100 personnel actions have been taken against employees at the Fulton County 911 call center. Since 2003, nine workers have been fired. Source:

 According to Computerworld, Adobe Systems Inc. warned users Tuesday that hackers could use recently reported “clickjacking” attack tactics to secretly turn on a computer’s microphone and Web camera. Adobe rated the vulnerability as “critical,” its highest threat ranking. (See item 45)

See Information Technology section below.


Banking and Finance Sector

17. October 8, Reuters – (International) Fed, central banks cut rates. Central banks around the world cut interest rates in unison on Wednesday in a joint response to the global financial crisis. The U.S. Federal Reserve said it was cutting its key federal funds rate by 50 basis points to 1.5 percent. U.S. stock index futures leapt on the news and world stock markets trimmed their losses. Source:

18. October 8, Financial Times – (National) FDIC to double fees in face of $40bn loss. The Federal Deposit Insurance Corporation (FDIC) on Tuesday proposed doubling the fees it charges U.S. banks, as it warned that it faced about $40bn in losses from bank failures in the coming years. As of June 30, the FDIC’s ratio of reserves to insured deposits stood at 1.01 per cent, the lowest since 1995 and well below the 1.15 per cent mandated by law, requiring it to develop a plan to return to that level. The regulator is proposing fee reductions of 2 cents per $100 for banks with a certain amount of unsecured debt, whose deposits are perceived to be less likely to be wiped out in the event of failure. There would be higher fees for banks with a certain amount of secured liabilities and brokered deposits, whose deposits are thought to be more at risk. Source:

19. October 7, Internet Retailer – (National) New data security standard adds flexibility and a few new requirements. The latest version of the Payment Card Industry Data Security Standard adds some flexibility in the rules that govern the handling of credit and debit card data. Version 1.2 of the standard was issued last week by the PCI Security Standards Council. PCI is a common set of data security rules that payment card companies Visa, MasterCard, American Express, Discover, and JCB have adopted. The rules apply to any organization that handles payment card data, including online and offline retailers, banks and processors. The PCI standard is updated every two years by the PCI Security Standards Council, which maintains PCI and two other security standards. Source:

20. October 7, U.S. Department of Justice – (National) Loan broker charged in $15 million scheme to defraud the Export-Import Bank of the United States. A loan broker from the Philippines has been charged in connection with a $15 million scheme to defraud the Export-Import Bank of the United States (the Ex-Im Bank). The indictment charges that the Pilipino woman brokered approximately $15 million worth of fraudulent loan transactions between companies located in the Philippines and U.S. lending banks, in which the Ex-Im Bank acted as guarantor or insurer. The woman has been charged with one count of conspiracy to defraud the United States and to commit offenses against the United States; three counts of submitting false statements to the Ex-Im Bank; one count of conspiracy to commit money laundering; three counts of money laundering; and one count of obstructing a proceeding before a department and agency of the United States. This case is part of a broader investigation into an $80 million scheme to defraud the Ex-Im Bank between November 1999 and December 2005 Source:{195A630E-B9D6-4D04-9A02-7E367784FF5F}&dist=hppr

21. October 7, SC Magazine – (National) Economic woes fueling spam malware barrage. Two monthly threat reports released this week show a sharp increase in emails containing malware. The rise appears to be bolstered by the current fiscal crisis, which is providing cybercriminals with fodder for their scam campaigns, according to MX Logic. The security firm said 5.14 percent of all emails in September contained malware, more than seven times the average and largest jump since February 2007, when the Storm Worm first appeared. Meanwhile, Symantec, in its October "State of Spam" report, said the amount of malicious code detected in emails rose from 0.1 percent in June to 1.2 percent in September, an increase of about 12 times. Experts partially attribute the nation's current financial state with the run-up in spam. MX Logic's threat center said it is observing an increase in fraudulent emails claiming to be debt consolidation and loan offers. Meanwhile, U.S.-CERT warned Monday of a rise in phishing emails related to the recent bank mergers. Source:

22. October 7, Consumer Affairs – (North Carolina) Bank data breach threatens 248,000 in North Carolina. Nearly a quarter of a million North Carolina consumers have been affected by a recent data breach by the Bank of New York Mellon (BNY Mellon). The breach could subject 248,000 North Carolinians to potential identity theft. In May, BNY Mellon reported that it lost backup tapes containing personal information about 4 million consumers nationwide including 74,000 in North Carolina. The company has since discovered that the breach actually affected 12 million consumers. BNY Mellon is currently notifying North Carolinians whose information was lost. Some consumers who are contacted may not be familiar with the company, which is hired by public companies as a stock transfer agent or to handle corporate transactions. Source:

23. October 6, IDG News Service – (National) Shell fingers IT contractor in theft of employee data. Shell Oil Co. is warning its employees that an IT contractor used the personal data of four Shell workers as part of an unemployment insurance claims scam in Texas. Shell Oil, the U.S. subsidiary of Royal Dutch Shell PLC, began notifying employees of the data breach on Friday, via a written notice that was posted on the Houston-based company’s Web site. A Shell spokeswoman said company officials noticed early last month that someone had used Shell employee data to file fake unemployment compensation claims with the Texas Workforce Commission (TWC). After investigating, Shell determined that an employee of a third-party contractor had misused information stored in a corporate database. The database includes records for a majority of current and former Shell employees in the U.S. The notice about the breach indicated that the misused data included names, dates of birth, Social Security numbers, and some financial information. Source:

24. October 6, Reuters – (National) Airlines brace for credit-card processor demands. In recent months, top carriers like AMR Corp’s American Airlines and UAL Corp’s United Airlines have topped off their cash positions or changed deals with credit-card processors – defensive moves triggered by fears that processors may demand bigger cash holdbacks. To limit the risk of failed reimbursement, processors often require airlines to put a percentage of their advance booking proceeds aside for use. Depending on its agreements with airlines, a processor that doubts the ability of an airline to provide travel or repay its debts may require a higher percentage of advance ticket revenue to be withheld. Source:

Information Technology

43. October 8, MX Logic – (National) Hackers hiding malware in JavaScript. Hackers are using JavaScript to hide malicious code from web and email security filters, a Hewlett Packard researcher has claimed. Talking to Search Security, he explained that while hackers used to launch network security attacks using fairly straightforward delivery messages, they are now hiding malware within JavaScript apps that purposively obfuscates the code in order to allow it to slip through web and email filters. One of the popular attacks uses JavaScript apps to capture keystrokes. He added that using the coding platform is particularly lucrative because it can target Windows, Linux and Mac users. Source:

44. October 8, Computerworld – (National) Criminals using Google Trends to spread malware. Internet criminals are using Search Engine Optimization (SEO) tactics to help spread malicious software, according to experts from Marshal’s TRACE team. The criminals are using tools such as Google Trends to identify popular keywords, then setting up blogs on free hosting sites featuring these search terms. The blog sites feature what appears to be an embedded video player, which loads malware onto users’ computers under the guise of installing a video codec. One recent example of an exploited search term is ‘OJ Simpson Verdict’. While using fake media players to spread malware is nothing new, Marshal believes the use of SEO to promote the infected sites shows increasing sophistication on behalf of the criminals. Source:;1948693341

45. October 8, Computerworld – (National) ‘Clickjackers’ could hijack webcams, microphones, Adobe warns. Adobe Systems Inc. warned users Tuesday that hackers could use recently reported “clickjacking” attack tactics to secretly turn on a computer’s microphone and Web camera. Flash on all platforms is susceptible to clickjacking attacks, Adobe said in an advisory posted Tuesday. By duping users into visiting a malicious Web site, hackers could hijack seemingly innocent clicks that, in reality, would be used to grant the site access to the computer’s webcam and microphone without the user’s knowledge. ”This potential ‘clickjacking’ browser issue affects Adobe Flash Player’s microphone and camera access dialog,” acknowledged the company’s security program manager, in a post to Adobe’s security blog. Although a patch is not ready, Adobe’s advisory listed steps users can take immediately to block webcam and microphone hijacking. Adobe recommended that users access Flash’s Settings Manager using a browser to select the “Always deny” option. Adobe rated the vulnerability as “critical,” its highest threat ranking. Source:

Communications Sector

Nothing to report