Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, November 13, 2008

Complete DHS Daily Report for November 13, 2008

Daily Report

Headlines

 The Point Pleasant Register reports that employees at the Mountaineer power plant in New Haven, West Virginia, were evacuated Monday after Appalachian Power received a telephone call from a man who claimed a bomb might have been on the premises. A similar call was placed at the John Amos Power Plant in Putnam County, West Virginia, last week. (See item 2)

2. November 11, Point Pleasant Register – (West Virginia) Bomb threat reported at Mountaineer power plant. Employees at Appalachian Power’s Mountaineer plant in New Haven, West Virginia, were evacuated Monday morning as law enforcement officers with the West Virginia State Police searched the area for a bomb. Now, troopers are looking for the man who phoned in the bomb threat. At 6:49 a.m. Monday, the company received a telephone call from a man who claimed a bomb might have been on the premises, according to a sergeant with the Mason County Detachment of the West Virginia State Police. Authorities are continuing their investigation, and K-9 units with the state police that are capable of detecting bomb materials were called in to assist in the investigation. A spokesman for American Electric Power (AEP) said that Monday’s incident was the first bomb threat at the Mountaineer plant. The sergeant said that after a search that spanned several hours, no evidence of a bomb or bomb materials was found at the plant. This is the second bomb threat the company has had the state police investigate. A similar call was placed at the John Amos Power Plant in Putnam County last week, the AEP spokesman said. It was the fifth call made to that plant within several weeks. Officials with the John Amos power plant have doubled the reward to $100,000 for information about the people responsible for the string of bomb threats against the facility. The Putnam County Sheriff’s Department, the State Police, and the Federal Bureau of Investigation are involved in the investigation. Source: http://www.mydailyregister.com/articles/2008/11/11/news/news01.txt See also: http://sundaygazettemail.com/News/200811120317

 According to VNUNet.com, two Los Angeles traffic engineers have pleaded guilty to charges that they hacked into the city’s traffic control computer as part of a union dispute over wages. (See item 13)

13. November 12, VNUNet.com - (California) LA engineers admit traffic light hack. Two Los Angeles traffic engineers have pleaded guilty to charges that they hacked into the city’s traffic control computer as part of a union dispute over wages. The engineers broke into the Los Angeles Automated Traffic Surveillance Center, which controls traffic lights in the city. The pair accessed the system illegally and shut down traffic signals at four critical points in the road network, causing crippling delays. It took four days to sort out the system and get it working normally. The hack is thought to have been part of a pay-bargaining procedure between employers and the Engineers and Architects Association, which represents workers at the Automated Traffic Surveillance Center. But there is no suggestion that the union knew about or condoned the men’s actions. The case highlights the problems of employees gaining control of internal systems during disputes. In August the San Francisco state intranet was hijacked by a rogue systems administrator, which may ultimately cost a million dollars to repair. Source: http://www.vnunet.com/vnunet/news/2230263/los-angeles-engineers-pled

Details

Banking and Finance Sector

10. November 12, Reuters – (National) AmEx seeks $3.5 billion from government: report. American Express Co., the fourth largest U.S. credit card issuer, is seeking about $3.5 billion in tax-payer funded capital from the U.S. government, the Wall Street Journal said, citing people familiar with the situation. It was not clear if the application under the Troubled Asset Relief Program (TARP) came before or after the company got Federal Reserve approval to become a bank-holding company. American Express has not announced the application, and it is not known how it would use government money. The company won the approval of the Federal Reserve Board to become a bank holding company on Monday. Source: http://www.reuters.com/article/ousiv/idUSTRE4AB1KG20081112

11. November 12, Bloomberg – (National) Fed said to seek oversight of credit-default swap clearinghouse. The Federal Reserve is seeking to become the lead regulator for clearing trades in the $33 trillion credit-default swap market, according to people with knowledge of the proposal. The Fed, the U.S. Securities and Exchange Commission, the Treasury Department and the Commodity Futures Trading Commission are discussing a memorandum of understanding that lays out oversight of clearinghouses that would become the central counterparty to credit-default swap trades, according to anonymous sources. The Fed has been pushing the industry to form a clearinghouse that would absorb losses should a market maker fail. Regulators stepped up their efforts after the failure of Lehman Brothers Holdings Inc. in September and the near-collapse of American International Group Inc. The New York Fed has been meeting with groups including CME Group Inc., Intercontinental Exchange Inc. and NYSE Euronext to press them to accelerate their progress. Source:http://www.bloomberg.com/apps/news?pid=20601087&sid=apgBhmu_U.Fo&refer=home

12. November 12, Reuters – (National) AT&T and Firethorn bring mobile banking to iPhone customers. AT&T and Firethorn, a Qualcomm company, have announced the availability of their mobile banking application for the iPhone. The companies said the Mobile Banking on AT&T lets users securely and efficiently manage their finances, including checking balances and transaction history, transferring funds, receiving offers, viewing and paying bills, and tracking rewards points. The service is now available for all Firethorn financial institution partners, including America First Credit Union, Arvest Bank, BancorpSouth, Carolina First, FirstBank, Mercantile Bank, SunTrust, Synovus, USAA and Wachovia. Additionally, iPhone customers will have access to any new financial institution added in the future. Source: http://www.tmcnet.com/usubmit/2008/11/12/3779816.htm

Information Technology


35. November 11, DarkReading – (International) Relentless web attack hard to kill. Thousands of Websites infected by a new Web attack during the past few days won’t necessarily be safe even after they remove the offending code. “People are recommending that the Website remove the link, but that’s not enough. If it has compromised your machine once, it will do it again. We’ve seen evidence” of this, says a senior virus researcher for Kaspersky Lab, which first discovered this new wave of Web attacks late last week. The SQL injection attacks, which appear to originate from China, appear to have peaked yesterday, according to Kaspersky. Among the infected sites found by Kaspersky were Travelocity.com, countyofventura.org, and missouri.edu. It is not likely, however, that the attacks will reach the volume of SQL injection attacks from earlier this year, which numbered in the hundreds of thousands of sites, mainly because the new attacks are mostly using a new, stealthier, and more closely guarded SQL injection toolkit, says the director of threat intelligence for SecureWorks. The director and his team have been in communication with the Chinese developer of the tool, hoping to procure a copy and reverse-engineer it. The toolkit is protected with a layer of digital rights management and appears to be sold mainly in China. Source: http://www.darkreading.com/security/attacks/showArticle.jhtml;jsessionid=WHSEF1MKYKODWQSNDLPCKH0CJUNN2JVN?articleID=212001872


Communications Sector


36. November 12, Associated Press – (National) IBM to help build broadband network in power lines. IBM Corp. is throwing its considerable weight behind an idea that seemed to have faded: broadband Internet access delivered over ordinary power lines. The technology has been around for decades, but most efforts to implement the idea on a broad scale have failed to live up to expectations. Now, with somewhat scaled-back goals, improved technology, and a dose of low-interest federal loans, IBM is partnering with a small newcomer called International Broadband Electric Communications Inc. (IBEC) to try to make the idea work in rural communities that do not have other broadband options. Their strategy is to sign up electric cooperatives that provide power to sparsely populated areas across the eastern United States. Rather than compete toe-to-toe with large, entrenched cable or DSL providers, IBEC is looking for customers that have been largely left out of the shift to high-speed Internet. IBM has signed a $9.6 million deal with IBEC to provide and install the equipment. IBEC’s chief executive said putting the network in place should take about two years and cost as much as $70 million. The company will have access to 340,000 homes in Alabama, Indiana, Maryland, Pennsylvania, Texas, Virginia, and Wisconsin, about 86 percent of which have no cable or DSL access. Source: http://ap.google.com/article/ALeqM5h34ExZwCNNQ6JAorv-5jiHL3l_TwD94D69O80


37. November 10, Associated Press – (Massachusetts) Cell phone service debuts in Big Dig tunnels. The nation’s most expensive highway project now boasts uninterrupted

cell phone service throughout its network of tunnels, on-ramps and off-ramps in Boston. The Massachusetts Turnpike Authority announced Monday that customers of AT&T, Sprint, T-Mobile and Verizon Wireless can now use their phones inside the Thomas P. O’Neill, Jr. Tunnel on Interstate 93 and the Interstate 90 Connector, which links the Massachusetts Turnpike to the Ted Williams Tunnel and Logan International Airport. The turnpike’s executive director says in addition to helping commuters and public safety officials, wireless phone service will also generate badly needed revenue for the authority. Source: http://news.bostonherald.com/news/regional/view/2008_11_10_Cell_phone_service_debuts_in_Big_Dig_tunnels/srvc=home&position=recent

Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, November 12, 2008

Complete DHS Daily Report for November 12, 2008

Daily Report

Headlines

 The U.S. Department of Agriculture’s Food Safety and Inspection Service announced Friday that Barber Foods Company is recalling approximately 41,415 pounds of frozen stuffed chicken products that may contain foreign materials. (See item 24)

24. November 7, U.S. Food Safety and Inspection Service – (National) Maine firm recalls frozen stuffed chicken products that may contain foreign materials. Barber Foods Company — a Portland, Maine, establishment — is recalling approximately 41,415 pounds of frozen stuffed chicken products that may contain foreign materials, the U.S. Department of Agriculture’s Food Safety and Inspection Service announced Friday. The products were produced on May 17, June 2, and August 4, and were made available for catalog or Internet purchase from the Schwan’s Home Service, Inc. by consumers nationwide. The problem was discovered after the Schwan’s Home Service, Inc. received consumer complaints of finding pieces of rubber in the product. FSIS has not received any reports of injury at this time. The following product is subject to recall: 20-ounce, cartons of “#584 SCHWAN’S STUFFED CHICKEN KIEV.” Source: http://www.fsis.usda.gov/News_&_Events/Recall_041_2008_Release/index.asp

 According to Computerworld, Arizona’s Department of Economic Security is notifying the families of about 40,000 children that their personal data may have been compromised following the theft of several hard drives from a commercial storage facility. (See item 32)

32. November 7, Computerworld – (Arizona) Arizona state agency loses data on 40,000 children in disk theft. Arizona’s Department of Economic Security (DES) is notifying the families of about 40,000 children that their personal data may have been compromised following the theft of several hard drives from a commercial storage facility. The information stored on the stolen disks included the names, addresses and phone numbers of families whose children were referred to the DES for early intervention services over the past several years. In the cases of families that had applied for and received services from the agency, their records also included Social Security numbers, a DES spokeswoman said. The DES provides services such as financial assistance and food stamps programs as well as ones that are aimed at preventing child abuse and neglect. According to the DES spokeswoman, the data on the stolen disks was password-protected but not encrypted. She said the disks were stored in a leased storage unit at a local Extra Space Storage facility that was broken into on October 14, and were part of a much broader array of items — including furniture and electronics —that were taken from multiple units at the facility. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9119562&taxonomyId=17&intsrc=kc_top

Details

Banking and Finance Sector


11. November 10, Register – (International) Visa trials PIN payment card to fight online fraud. Visa cards with a built in one-time code generator are to be trialed by four European banks. The technology is designed to tackle the growing problem of online credit card fraud. MBNA, a Bank of America company in the UK, Corner Bank in Switzerland, Cal in Israel, and IW Bank in Italy are to take part in limited trials of Visa’s new one-time code card. The next-generation cards feature a numeric keypad on the back of a plastic card. Customers enter their PIN code to generate a one-time password. This code, displayed on a card’s display panel, is then used to authenticate online purchases. The approach is an alternative to using a password when authenticating online purchases through the much-criticized Verified by Visa scheme. Source: http://www.theregister.co.uk/2008/11/10/visa_one_time_code_card/


12. November 10, Reuters – (National) Government increases AIG bailout to $150 billion. The government dramatically boosted its bailout of insurer American International Group Inc. and eased the terms of its loans to the company on Monday after an initial rescue plan failed to stabilize the company. Under the new plan, the U.S. Treasury will take a $40 billion equity stake in AIG as part of a package of credits to prevent the collapse of what it called a “systemically important company.” The Federal Reserve is providing up to $112.5 billion in loans and funds for asset purchases. The new package, the largest bailout of a single company, provides AIG with about $27 billion more than previously extended and will leave the government exposed to billions of dollars of additional potential losses. “This is a one-off, created solely for AIG,” a U.S. Treasury official said of the transaction hammered out over the weekend. “This wasn’t done to help AIG shareholders. It gives the company the room it needs in its capital structure to execute its asset disposition plan,” the official told reporters in a background briefing. Source: http://www.reuters.com/article/ousiv/idUSTRE4A92FM20081110


13. November 10, Economic Times – (California; Texas) Crisis brings down two more regional U.S. banks. Two more regional U.S. banks in California and Texas have collapsed. They were Houston-based Franklin Bank and Los Angeles-based Security Pacific Bank, the Federal Deposit Insurance Corporation (FDIC) said. Franklin Bank was closed by the FDIC and the Texas Department of Savings and Mortgage Lending. Its $3.7 billion in deposits were assumed by Prosperity Bank, Bloomberg financial news service reported Saturday. Security Pacific was closed by the California commissioner of financial institutions and the FDIC. Its $450.2-million in assets were acquired by Pacific Western Bank, the FDIC said. Source: http://economictimes.indiatimes.com/News/International_Business/Crisis_brings_down_two_more_regional_US_banks/articleshow/3692700.cms


14. November 7, Bloomberg – (National) U.S. Treasury opens probe seeking improper trading. The U.S. Treasury opened a probe to identify any improper trading in U.S. government securities by bond investors and dealers, following increases in trades that fail to settle. The announcement Friday came after repeated warnings by the Treasury to bond dealers to fix settlement problems in the government securities market or face tougher regulation. The Treasury statement asks for information on the 2 percent two-year-note maturing September 30, 2010 and the 3 1/8 percent 5-year note maturing September 30, 2013. “Entities with reportable positions in either of these notes equal to or exceeding the $2 billion threshold must submit a separate report for the security to the Federal Reserve Bank of New York” before noon on November 14, the Treasury said Friday in a statement released in Washington. The confidential reports requested are for positions held on November 6 at the close of business. The CUSIP, or identification, number on the two-notes is 912828 JL 5, and the CUSIP number for the five-year notes is 912828 JM 3. Source: http://www.bloomberg.com/apps/news?pid=20601087&sid=aUKkYSDtd8QU&refer=home


Information Technology


35. November 10, ComputerWeekly.com – (International) Up to 10,000 Web sites hacked into, unpatched visitors in danger, says Kaspersky. Hackers have launched a widespread Web site attack, leaving malicious links on up to 10,000 web servers, says security software firm Kaspersky Lab. Kaspersky says the servers hacked into are mainly located in Western Europe and the United States. It is not clear at this stage who has hacked the machines, but the expectation is that the number of infected sites will rise. The cyber criminals are adding a line of Javascript code onto the sites that redirects hacked site visitors to one of six servers. These sites then redirect the visitor to a server in China. That server can then launch a variety of attacks, targeting known flaws in the Firefox and Internet Explorer browsers, Adobe’s Flash Player and ActiveX management controls, said Kaspersky. Victims who do not have fully patched PCs run the risk of allowing the remote attackers to install spyware on their machines, and then to steal their data. Source: http://www.computerweekly.com/Articles/2008/11/10/233285/up-to-10000-websites-hacked-into-unpatched-visitors-in-danger-says.htm


36. November 7, eWEEK – (International) Hackers have painted a bull’s-eye on an Adobe Reader flaw patched by the company earlier this week. The attackers are targeting a vulnerability in Adobe Reader 8.1.2 uncovered by Core Security Technologies. According to an advisory from the SANS Institute’s Internet Storm Center, attackers are using malicious PDF files to exploit the bug, which Adobe Systems patched November 4. If successfully exploited, the bug could allow hackers to take complete control of a compromised system. The bug lies in the way Adobe Reader implements the JavaScript util.printf() function, and makes it possible to overwrite the program’s memory and control its execution flow. Exploit code for the flaw has already been posted to Milw0rm. In addition to Reader, the bug affects Adobe Acrobat 8.1.2. Officials at Adobe advise users to either update their software to Version 9 of Reader and Acrobat, which are not susceptible to the attack, or deploy the patch. Source: http://www.eweek.com/c/a/Security/Hackers-Target-Patched-Adobe-Reader-Flaw/


Communications Sector


37. November 10, Berkshire Eagle – (Massachusetts) Fiber optic project will help broadband. A new highway fiber optic installation project in Central Massachusetts will contribute to the eventual spread of broadband connectivity into rural western regions of the commonwealth. The $30.7 million project, dubbed the Intelligent Transportation System, includes installation of fiber optic cable backbone over 58 miles of I-91 and I-291 with 17 variable message signs and 33 closed-circuit television cameras. Through the new roadway broadband information system, the Traffic Operations Center at the Northampton District 2 office will be upgraded and directly linked to the MassHighway Traffic Operations Center in Boston. The project includes additional fiber lines that could be used for other purposes, including enabling broadband access. Source: http://www.berkshireeagle.com/ci_10945211