Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, October 23, 2008

Complete DHS Daily Report for October 23, 2008

Daily Report

Headlines

 Dark Reading reports that energy companies worldwide experienced more Web-based malware attacks than any other vertical market in the third quarter of this year, with an increased rate of exposure of 189 percent, according to the new “Global Threat Report” from ScanSafe. (See item 2)

2. October 21, Dark Reading – (International) Report: Energy companies are top target of web-borne malware. According to the new “Global Threat Report” from ScanSafe, energy companies worldwide have a nearly 200 percent rate of being hit with Web-borne malware attacks. Energy companies experienced more Web-based malware attacks than any other vertical market in the third quarter of this year, with an increased rate of exposure of 189 percent. Overall, corporations experienced 338 percent more Web-based malware in the third quarter versus the first quarter, and 553 percent more than in the fourth quarter of last year, the report says. ScanSafe attributes this jump to the wave of SQL injection attacks that have hit websites over the past few months, as well as socially engineered email. Most of the malware came from legitimate sites. As for the types of malware, backdoor and password-stealing Trojans increased by 267 percent from January to September. Source: http://www.darkreading.com/document.asp?doc_id=166407

 According to the Associated Press, federal regulators and Entergy Nuclear officials say they are investigating a release of radioactive contaminants at the Vermont Yankee nuclear power plant in Vermont that led to a brief evacuation of 25 workers. The release occurred Monday while the cover of a reactor vessel was being removed for refueling. (See item 6)

6. October 22, Associated Press – (Vermont) Brief evacuation at nuke power plant after leak. Federal regulators and utility officials say they are investigating a release of radioactive contaminants at the Vermont Yankee nuclear power plant in Vermont that led to a brief evacuation of 25 workers. A spokesman for the utility Entergy Nuclear says the release occurred Monday while the cover of a reactor vessel was being removed for refueling. He says the cover was placed too close to a fan that spread airborne contaminants. He says the workers were evacuated from the top floor of the reactor building but returned about four hours later after they were checked for exposure to radiation. The release occurred during the power plant’s regular refueling and maintenance outage, which is scheduled to last three weeks. A U.S. Nuclear Regulatory Commission spokesman says the agency is investigating. Source: http://www.forbes.com/feeds/ap/2008/10/22/ap5590856.html

Details

Banking and Finance Sector


12. October 22, American Banker – (National) $4.4 billion deposit sparks FDIC-Wamu dispute. A fight may be brewing between the Federal Deposit Insurance Corp. and Washington Mutual Inc. over claims by debt holders of the thrift holding company and its two failed subsidiaries. At issue is $4.4 billion that Wamu deposited in its two thrifts before their September 25 failure and forced sale to JPMorgan Chase & Co. Wamu, which declared bankruptcy a day later, wants a judge to approve the transfer of the funds from JPMorgan Chase to the bankruptcy estate, which is used to compensate the holding company’s creditors. But the FDIC, in a motion filed Monday in the Delaware district of the U.S. Bankruptcy Court, asked a judge to stay the transfer. The agency said it may conclude that the funds belong in the receivership of the thrifts, not the holding company, and should be used to compensate the subsidiaries’ senior unsecured debt holders. The court filing did not argue the FDIC deserved the funds, only asking for the judge to delay the transfer of funds. Source: http://www.onwallstreet.com/asset/article/724351/44-billion-deposit-sparks-fdic-wamu-dispute.html?pg


13. October 22, Monday – (International) SEC adopts foreign issuer reporting enhancements. The Securities and Exchange Commission (SEC) issued its final rules relating to the reporting requirements of foreign private issuers (FPIs). These new rules, based on proposals that the SEC issued earlier this year, contain a mix of provisions, some of which help FPIs or add minor burdens to their reporting requirements. Others, such as the new Form 20-F filing deadline and the requirement to provide an Item 18 reconciliation to U.S. GAAP, will be more burdensome to many FPIs. As to these latter requirements, the SEC is providing for relatively long transitional periods before compliance with these new rules becomes mandatory. Source: http://www.mondaq.com/article.asp?articleid=67984


14. October 21, Financial Times – (National) Fed offers $540bn to prop up money funds. The U.S. Federal Reserve on Tuesday said it would finance up to $540bn in purchases of short-term debt from money market mutual funds to shore up a key pillar of the U.S. financial system. Policymakers are worried that moves to prop up US banks may have undermined money funds, which compete with bank savings accounts. Under the scheme the U.S. central bank will lend money to five special purpose vehicles, to be managed by JP Morgan Chase, tasked with purchasing assets from money market funds. These assets are low-risk paper, including certificates of deposit, bank notes and commercial paper with three-month maturities or less. The creation of an extra liquidity facility on Tuesday was seen as complementing a move the Fed announced two weeks ago to create a vehicle aimed at purchasing potentially unlimited amounts of three-month debt from banks and non-financial companies. Source: http://www.ft.com/cms/s/0/4da5eebc-9f83-11dd-a3fa-000077b07658.html?nclick_check=1


Information Technology


37. October 22, VNUNet.com – (International) Risky behavior still looms large. Many employees are continuing to behave in a way that puts company data at risk, according to a recent survey commissioned by Cisco. It asked a number of employees in the Americas, Europe and Asia about their general computing practices in comparison to their company’s IT policies. The study found that potentially risky behavior, such as downloading files for personal use or deliberately modifying system security settings, remains prevalent. The numbers were highest in China and Brazil, while figures in the U.K. and U.S. were lower than the average. The survey found that IT administrators are generally aware of the problem, although few are worried about the risk of data loss. On average, 55 percent of IT decision makers believed that employees were running unapproved applications on company machines. However, 24 percent believe that unapproved programs did not account for any data leaks, while 53 percent believe that the behavior accounted for less than a quarter of leaks. Source: http://www.vnunet.com/vnunet/news/2228755/risky-behavior-looms-large


Communications Sector

38. October 22, Chicago Tribune – (Illinois) Video doesn’t show helicopter crash but indicates warning lights were working on Aurora tower. Video shot by a security camera confirms that the warning lights on a radio tower in Aurora were functioning last week when an emergency medical helicopter hit one of the structure’s support wires and crashed, the chief investigator into the fatal accident said Tuesday. Authorities had hoped the camera, positioned at the Metra commuter parking lot at Illinois Highway 59, would have shown the Air Angels helicopter as it flew by last Wednesday night en route to Children’s Memorial Hospital in Chicago from a hospital in Sandwich. Source: http://www.chicagotribune.com/news/local/chi-chopper-video-22-oct22,0,6369795.story?track=rss

Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, October 22, 2008

Complete DHS Daily Report for October 22, 2008

Daily Report

Headlines

 According to Reuters, a United Airlines pilot was arrested on a passenger plane Sunday at Heathrow Airport on suspicion of being above the legal alcohol limit. (See item 11)

11. October 20, Reuters – (International) Pilot arrested after failing breath test. An airline pilot has been arrested on a passenger plane at Heathrow Airport on suspicion of being above the legal alcohol limit, police said on Monday. Officers boarded a United Airlines plane at terminal one before it was due to take off on Sunday and arrested the 44-year-old under transport safety laws. The pilot, who has not been named, was given police bail to January 16 next year, pending further inquiries. A United Airlines spokeswoman said the pilot has been suspended from duties, but declined to name the flight or give further details of the incident. Source: http://www.reuters.com/article/rbssIndustryMaterialsUtilitiesNews/idUSLK21280520081020

 Reuters reports that at least five branches of Chase bank in Colorado and Oklahoma received threatening letters on Monday, some containing an unidentified white powder. (See item 13)

13. October 20, Reuters – (Colorado; Oklahoma) At least five Chase banks hit with letter threats. At least five branches of Chase bank in Colorado and Oklahoma received threatening letters on Monday, some containing an unidentified white powder. A spokeswoman for Chase said the letters were delivered to three branches in the Denver, Colorado, area and locations in Oklahoma City and Norman, Oklahoma. Some of the envelopes contained the white powder, a Chase spokeswoman said, and one employee was treated for a rash as a precaution, but it was not clear if the skin irritation was caused by the powder. She identified the Colorado branches as being in Lakewood and Arvada. A fire marshal of the Cunningham Fire Protection District near Denver said the powder in one package was found to be harmless, though the substance had yet to be identified. That branch was inside a supermarket in the Denver suburb of Centennial. The supermarket was evacuated as a precaution. Several bank employees who had close contact with the package were sent to a local hospital for evaluation, he said. A police department spokesman in nearby Lakewood said a white substance found on a parcel there appeared not to be dangerous and resembled talcum powder. The Chase spokeswoman said Chase would not release the total number of banks affected until they were sure all the letters had been found. “We immediately called the FBI and Postal Inspection Service to handle the matter and ensure the safety of our customers and employees,” she said. She did not know the contents of the letters or if they contained return addresses. Source: http://www.reuters.com/article/topNews/idUSTRE49J8F620081020?pageNumber=1&virtualBrandChannel=0

Details

Banking and Finance Sector


9. October 21, Internet News – (National) Can CFOs help prevent cyber attacks? On Tuesday, 2,000 chief financial officers (CFOs) at corporations around the country will get a copy of an action guide that will help them deal with cyber attacks. Despite the highly publicized losses due to a data breach at TJX, where 94 million records were compromised, plus several other breaches since, hackers continue to penetrate defenses at organizations. The booklet contains 50 questions CFOs must ask and sample charts to help them calculate the probability and severity of financial losses from both risk actions and the actions taken to mitigate them. It also contains a list of standards and reference documents to help CFOs develop comprehensive risk management frameworks. Source: http://www.internetnews.com/security/article.php/3779346


Information Technology


26. October 21, Computerworld – (International) Pirates prefer Windows XP over Vista, says Microsoft. While explaining the “Global Anti-Piracy Day” educational and enforcement effort Microsoft launched today, a senior attorney with the company acknowledged that pirates prefer Windows XP over Vista. Counterfeiters currently copy Office 2003 rather than the newer Office 2007 for the same reasons, she said. The attorney also touted the day’s announcements of new initiatives and lawsuit filings scheduled to take place in 49 countries, ranging from Argentina to the U.S. In the U.S., Microsoft filed 20 new lawsuits in federal court against software resellers that, according to the company’s allegations, either sold pirated copies of Microsoft Windows XP Professional and Office or installed the counterfeit software on new PCs. Nine of the lawsuits were filed in California; two each were filed in Ohio, Oregon and Texas; and others were filed in Connecticut, Florida, Louisiana, Minnesota and New York. Source: http://www.infoworld.com/article/08/10/21/Pirates_prefer_Windows_XP_over_Vista_says_Microsoft_1.html


Communications Sector

Nothing to report