Department of Homeland Security Daily Open Source Infrastructure Report

Friday, October 10, 2008

Complete DHS Daily Report for October 10, 2008

Daily Report


 WABC 7 New York reports that during last Friday evening’s rush hour, the discovery of two suspicious bottles filled with an unknown liquid and glued to the median forced Port Authority Police to close down the Lincoln Tunnel for hours. Police records show it was the third such incident in a month. (See item 14)

14. October 7, WABC 7 New York – (New York) Is Lincoln Tunnel being tested? During last Friday evening’s rush hour, the discovery of two suspicious bottles filled with an unknown liquid and glued to the median forced Port Authority police to close down the Lincoln Tunnel for hours. Police records obtained show it was the third such incident in a month. The first one occurring four weeks ago, when someone placed “3 plastic heart shaped bottles” of an unknown liquid on the New Jersey side of the Lincoln Tunnel. One bottle had a ‘‘gray wire inside” and a message, “don’t look at me.” And then again last Wednesday, two “red sealed bottles were glued” near a lamp post. Source:

 According to the U.S. Department of Justice, a former U.S. Department of Defense contractor pleaded guilty Tuesday to participating in a scheme to steal fuel worth approximately $39.6 million from the U.S. Army in Iraq. (See item 31)

31. October 7, U.S. Department of Justice – (National) Former Department of Defense contractor pleads guilty to participating in scheme to steal $39.6 million worth of fuel from U.S. Army in Iraq. A former Department of Defense (DOD) contractor pleaded guilty Tuesday to participating in a scheme to steal fuel worth approximately $39.6 million from the U.S. Army in Iraq, announced the Acting Assistant Attorney General of the Criminal Division and the U.S. Attorney for the Eastern District of Virginia. The man pleaded guilty to a count charging him with theft of government property. In his plea, he admitted that between July 2007 and May 2008, he and his co-conspirators, purportedly representing DOD contractors in Iraq, used fraudulently-obtained documents to enter the Victory Bulk Fuel Point (VBFP) in Camp Liberty, Iraq, and presented false fuel authorization forms to steal aviation and diesel fuel from the VBFP for subsequent sale on the black market. According to plea documents, the United States owns and operates the VBFP in support of Operation Iraqi Freedom. The VBFP supplies aviation fuel and diesel fuel to both military units and U.S. government contractors operating in and around the VBFP. To retrieve and transport the stolen fuel from the VBFP, the man admitted he and his co-conspirators employed approximately 10 individuals to serve as drivers and escorts of the trucks containing the stolen fuel. Source:{62C57114-5D47-4704-8F64-A237C4147F89}&dist=hppr


Banking and Finance Sector

5. October 9, Reuters – (National) Blackrock, Pimco bid to manage bailout assets. BlackRock Inc and Pacific Investment Management Co (Pimco) are bidding to manage mortgage-backed assets in the U.S.’s $700 billion financial bailout, Bloomberg news agency said. State Street Corp and Bank of New York Mellon Corp are bidding to handle record-keeping and custody services for the U.S. Treasury, the agency said. In an attempt to clean up the worst financial crisis since the Great Depression, the U.S. Congress has legislated to let the government buy illiquid mortgage assets from banks and other financial institutions. Source:

6. October 8, Associated Press – (National) Wachovia, Citigroup, Wells Fargo extend stand still. Citigroup and Wells Fargo agreed Wednesday to extend their legal standstill in the fight for Wachovia until Friday morning, giving the banks more time to work toward a mutual agreement. The Fed was engaging in talks with both Citigroup and Wells Fargo in the hope of reaching a quick resolution and avoiding a lengthy court battle. The extension of the standstill suggests that the parties believe an agreement is reachable. It puts on hold a hearing scheduled for 3 p.m. in New York federal court. Citigroup agreed last Monday to buy Wachovia’s banking operations for $2.1 billion in a deal brokered by the Federal Deposit Insurance Corp. Four days later Wells Fargo announced that Wachovia’s board had agreed to its $13.1 billion all-stock offer. The Wells Fargo proposal does not include assistance from the FDIC. Source:

7. October 8, Science Magazine – (National) New version of SilentBank Trojan causes concern. The SilentBanker Trojan has been improved to the extent that it is harder to detect and more effective at stealing data. Originally identified last year, the new version has a rootkit that makes finding infected files very difficult. The rootkit ensures that when a user tries to search in the registry for files that indicate an infection, it is hidden from view as the Trojan intercepts the search request. SilentBanker is particularly good at defeating two-factor authentication, which involves the user having a separate log-in token that is synchronised with the bank’s server to augment a password. The Trojan subverts the two-factor transaction by intercepting communications before they are encrypted and forwarding them to the attacker, essentially making the security of two-factor authentication useless. Source:

8. October 8, Dark Reading – (National) Financial crises leaves banks branches open to social engineering. Heightened concern over the growing financial crisis is making banks more vulnerable to targeted social engineering and spear-phishing attacks, researchers said this week. Breaching a bank’s physical security is also easier now, according to Errata Security. In a social engineering ploy for a mid-sized bank last week, an Errata’s Chief Technology Officer was mistaken for a federal auditor and allowed access to the branch manager’s unoccupied office. He made off with a computer backup tape containing account transaction data. Some social engineers are worried that the bad guys will soon start preying on bank employees’ fears to wage real targeted attacks. One researcher has decided to hold off on releasing a powerful open source hacking platform he created for targeted email and phishing attacks that includes payloads for popular Web threats out of fear that it will be used by bad guys to wage real targeted attacks. “I think phishing and social engineering [are] the highest risk currently faced by the financial industry,” said the CEO of PacketFocus, who is afraid that his so-called Lunker tool could be used for targeted phishing attacks. Source:

9. October 8, MSNBC (National) Paying at the pump just got more risky. Police in Puyallup, Washington, say thieves snagged debit card numbers and PIN codes of hundreds of people at two gas stations in the area. They did it by installing their own hard-to-spot card reader, called a skimmer, on top of the card reader built into the pump. The skimmer is able to grab the account information from the card without interfering with the legitimate payment transaction. The crooks used the stolen data to create (or clone) fake debit cards that were used at ATMs in Washington state over the Fourth of July weekend and in northern California on Labor Day weekend. The bad guys like three-day holidays because it gives them more time to use the cards before the unauthorized withdrawals are spotted. “We are looking at a sophisticated, very well-organized group of individuals,” says a detective with the Puyallup Police Department. When all the victims from these two incidents are identified, the total loss could reach half a million dollars. Gas pumps are being compromised in cities across the country. “We don’t view it as an epidemic, but there are cases open in at least a half dozen states right now,” says a spokesman for the U.S. Secret Service. These investigations are underway in California, Nevada, Pennsylvania, Delaware, and Washington. The detective says the Secret Service believes some of these crimes are inside jobs, involving someone at the service station. Police in Puyallup and Las Vegas now advise residents not to use their debit card at a gas pump because there is no way to be sure it has not been tampered with. Source:

Information Technology

Nothing to report

Communications Sector

35. October 9, Associated Press – (District of Columbia) D.C. reaches deal with Verizon on FiOS. D.C.’s Office of Cable Television and Verizon have reached an agreement on a 15-year franchise pact to bring FiOS television, high-speed Internet, and telephone service to the city. The deal was presented Tuesday for review by the D.C. Council. Comcast has had a near-monopoly on Washington’s cable TV service for years; some consumers have called for competition. RCN also provides service to a small percentage of District customers. Before FiOS TV service is available in Washington, Verizon must upgrade its network and cables to fiber optic. The proposed agreement describes a phased rollout. The first neighborhoods could get service by 2012 and the next group by 2015. Source:

36. October 9, Star-Ledger – (New Jersey) County approves towers contract. After months of discussion, but no changes of position, the Hunterdon County freeholders have given the go-ahead to build two new towers in Raritan Township, New Jersey, for the county’s communications system. The board awarded a $355,000 contract to JBL Electrical Inc. of Totowa to erect a 220-foot tower at a county complex on Route 12, and a 120-foot monopole at another county site on Route 31. The new towers will provide “line of sight” links among county offices, enabling them to share data instead of operating separately, according to the county’s information technology specialists. Some officials and staffers have raised security concerns about transmitting county data, including law enforcement and personal health information, over someone else’s fiber-optic network. Given those questions, a fiber-optic project “is not going to happen for at least three years,” a Hunterdon County freeholder said. Source: