Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, November 25, 2008

Complete DHS Daily Report for November 25, 2008

Daily Report

Headlines

 Reuters reports that Boeing shut down production at a military helicopter plant outside Philadelphia on Friday after a third incident involving foreign objects prompted the Pentagon to issue a corrective action against the company. (See item 11)

11. November 21, Reuters – (National) Boeing halts rotorcraft output after debris found. Boeing shut down production at a military helicopter plant outside Philadelphia on Friday after a third incident involving foreign objects prompted the Pentagon to issue a corrective action against the company. A Boeing spokesman said the company received the notice from the Pentagon’s Defense Contracts Management Agency on Friday, which means the government will not accept any aircraft manufactured at the plant until certain requirements are met. Boeing produces its CH-47 Chinook helicopters and MH-47G Special Operations Chinook the at the plant, as well as the fuselages for the V-22 tilt-rotor aircraft that it builds with Textron Inc’s Bell Helicopter unit. He said Boeing had halted production at the plant until the company was able to determine how the foreign object debris had gotten into the V-22 fuselage. He said the latest incident was discovered by Boeing during a quality inspection last week. Source: http://www.reuters.com/article/rbssIndustryMaterialsUtilitiesNews/idUSN2149982520081121

 According to the Army Times, the U.S. Defense Department confirmed Friday that a virus has infected some of its computer networks. (See item 28)

28. November 23, Army Times – (National) DOD confirms computer virus in networks. The U.S. Defense Department confirmed Friday that a virus has infected some of its computer networks but declined to identify the infection, say whether it was a direct attack on the networks, or confirm published directives that ban the use of portable storage media such as thumb drives. “We are aware of a global virus for which there are some public alerts,” said a Pentagon spokesman. “And we’ve seen some of this on our networks. We’re taking steps to identify and mitigate the virus.” The spokesman would not characterize the infection further except to call it a “global issue” that also is affecting worldwide networks outside the Defense Department. He also declined to confirm a ban on the use of thumb drives, although the ban was spelled out in at least two recent Air Force directives, one of which says the order comes from the Defense Department command that oversees the military computer domains shared by all the services. He also would not comment on whether officials think the infection may have been transmitted to the military’s networks by way of a thumb drive or other flash media. Source: http://www.armytimes.com/news/2008/11/military_thumbdrives_computerworm_112108w/

Details

Banking and Finance Sector


12. November 24, BBC News – (National) U.S. rescues ailing Citigroup bank. The U.S. Treasury is set to invest $20 billion in Citibank in return for preferred shares. The Treasury and the Federal Deposit Insurance Corp will also guarantee up to $306 billion of risky loans and securities on Citigroup’s books. “Equity markets have responded positively to the Citigroup news,” said an individual at ECU Group. The new plan follows a $25 billion injection of public funds in the bank last month. Source: http://news.bbc.co.uk/2/hi/business/7745168.stm


13. November 24, Associated Press – (International) Hands-off hackers: Crooks opt for surgical strikes. A new report by antivirus software vendor Symantec Corp. details a startling trend that highlights the inventive ways criminals are figuring out ways to make money online. Instead of stealing customer data, a small subset of hackers have concerned themselves with accessing the compromised companies’ payment-processing systems, and nothing else, according to the “Symantec Report on the Underground Economy,” slated for release Monday. Those systems allow the criminals to check whether credit card numbers being hawked on underground chat rooms are valid, the same way the store verifies whether to accept a card payment or not. It is a service the crooks sell to other fraudsters who do not trust that the stolen card numbers they are buying from someone else will actually work. Source: http://tech.yahoo.com/news/ap/20081124/ap_on_hi_te/hands_off_hackers


14. November 22, McClatchy-Tribune Information Services – (North Carolina) Personal information of 70 people stolen from tax office. New Bern, North Carolina, police say a computer stolen from B.J. Accessories and Tax Preparation last week contains identity information of about 70 people. Police are still investigating the theft, and had no suspects as of Friday night. The owner of the tax-preparation business has been told to notify clients about a possible breach of their personal information. Source: http://www.tmcnet.com/usubmit/2008/11/22/3807787.htm

15. November 21, Forbes – (Missouri) Six indicted for alleged mortgage fraud. Six area individuals were indicted Thursday by a federal grand jury in Springfield for their alleged roles in a mortgage fraud scheme involving 29 homes in Greene and Christian Counties, according to the U.S. Attorney’s Office. Four of the six people indicted were former mortgage brokers operating in the Springfield area. One was the owner of Master Marketing Consultants and former branch manager for Gateway Mortgage. Another was the former branch manager for Choice Mortgage. An FBI supervisory special agent said the investigation into local mortgage fraud schemes is continuing and that additional indictments are possible. Source: http://www.forbes.com/technology/2008/11/21/data-breaches-cybertheft-identity08-tech-cx_ag_1121breaches.html

Information Technology


33. November 24, Register – (International) Domain hijack fears over Gmail exploit. A Gmail exploit which might be abused to allow domain hijacking has reared its ugly head once more. The reported vulnerability revolves around the potential ability for hackers to create a malicious filter without needing to obtain the login credentials for a Gmail account. A flaw of this type hit a web designer back in December 2007. Security watchers thought that Google had a handle on the problem, but now it seems that this confidence might have been misplaced. The exploit kicks off by tricking surfers into visiting a maliciously constructed website. This site uses cross-site request forgery trickery to set up a filter on a targeted Gmail account which forwards email to a hacker’s account while deleting it from a victim’s inbox. The exploit involves stealing a cookie and creating a fake iFrame with a URL containing the variables that instruct Gmail to create a filter. Source: http://www.theregister.co.uk/2008/11/24/gmail_exploit/


34. November 22, CNET News – (National) 2 engineers sentenced for espionage. Two Silicon Valley engineers from China have been sentenced to prison for stealing chip designs and attempting to smuggle them back into their native country, the Associated Press reported. The two men pleaded guilty two years ago. They were sentenced Friday in U.S. District Court in San Jose, California. According to the AP, they are the first ones convicted of the most serious violations under the Economic Espionage Act of 1996. One of the accused is a U.S. citizen, the AP said, and the other is a permanent resident of the United States. Prosecutors did not allege that China’s government actually knew of the crime. Prosecutors said documents showed the two accused were trying to sell the idea of the start-up as a way to boost China’s chip-making abilities. Source: http://news.cnet.com/8301-1001_3-10106100-92.html?tag=mncol


Communications Sector


Nothing to report