Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, June 25, 2009

Complete DHS Daily Report for June 25, 2009

Daily Report

Top Stories

 According to the Associated Press, at least three people were injured on Tuesday in an explosion at the Guest Inn Motel in Yukon, Oklahoma. The cause of the blast, which forced the evacuation of 40 motel guests, has not been confirmed. (See item 38)

38. June 24, Associated Press – (Oklahoma) Pregnant woman, 2 others injured in hotel explosion. A pregnant woman and at least two others were injured on June 23 in an explosion at a motel in a suburb of Oklahoma City, authorities said. The woman, who is eight months pregnant, and a man were critically injured in the blast at the Guest Inn Motel in Yukon about 6 p.m., police spokeswoman said. Another person was treated at the scene, according to the emergency medical services authority. The police spokeswoman also said a couple other people may have suffered minor injuries. The cause of the blast has not been confirmed, but officials do not believe it was from a methamphetamine lab. “The walls were blown out and debris is across the parking lot,” the police spokesman said. At least eight of the motel’s units were damaged, the spokeswoman said. The pregnant woman, who is the motel’s manager, suffered burns to her hands, face, lips and ears. Emergency crews evacuated the motel, which had about 40 guests, and electric power was turned off, the spokeswoman added. Source:,2933,528881,00.html

 The Seattle Times reports that the U.S. Army Corps of Engineers may have to severely restrict how much stormwater the Howard Hanson Dam in Washington State can hold back for the next several winters after discovering that water is flowing through the dam’s right abutment “very fast.” (See item 41)

41. June 24, Seattle Times – (Washington) Water seeping through Howard Hanson Dam is picking up speed. The speed at which water is seeping through a flank of the Howard Hanson Dam has, by one key measure, increased since January, and the people who operate the dam do not know why. Officials with the Army Corps of Engineers said in a news release June 23 that water is flowing through the 48-year-old dam’s right abutment “very fast” and may mean the earth-and-rock structure could erode if too much water is stored behind the dam 32 miles upstream from Auburn. Nobody is saying there will be large-scale floods for the first time since the dam was built, but the weakness in the dam abutment — the side of the valley against which the dam was built — means the Corps of Engineers may have to severely restrict how much stormwater the dam can hold back for the next several winters. And that could mean more water flowing through the valley below, raising the risk of flooding for the cities of Kent, Renton, Tukwila, and Auburn. Seepage through the dam’s right abutment has caused concerns for much of its life. Improvements were made in 1965 and again in 2002, but engineers are worried the problem may have worsened. The Corps of Engineers publicly acknowledged new concerns about the stability of the dam abutment in January, when staffers found several “anomalies” during a storm that dumped 15 inches of rain in 24 hours behind the dam. The Corps is, again, in the process of lowering the reservoir. The Corps said in its news release that the water will not be released fast enough to endanger swimmers, boaters and other people on the river. But in the past few days, results of a dye test came back with surprising results. A small amount of dye moved through the abutment into a drainage tunnel far faster than it had during a January test after the storm. More dye-test results will be done in the coming weeks, and contractors are currently drilling into the abutment to help engineers understand what’s happening. By November the Corps will install a “grout curtain” to reduce seepage, and will drill more vertical and horizontal drains. The measures are expected to cost more than $20 million. Planning will then begin on a permanent solution, which is likely several years away. Dam-safety experts from around the country are advising the Corps on those interim measures and possible long-term solutions. Source:


Banking and Finance Sector

12. June 23, Associated Press – (Illinois) 37 charged in Ill. mortgage fraud crackdown. Two real estate companies, a title company, an investment company and 37 people have been charged in mortgage fraud cases in the Chicago area that cost lenders $48 million, federal officials announced on June 23. It was the third major batch of unrelated mortgage fraud cases unveiled in the last year by federal prosecutors eager to focus attention on the crime. “There certainly is a wave of mortgage fraud that we’re trying to crack down on,” a U.S. attorney said at a news conference. Properties in the batch of five unrelated cases ranged from dilapidated houses in Chicago’s blighted Englewood neighborhood to Near North Side condominiums to homes in the affluent suburbs of Glenview and Wheaton. Individuals charged included mortgage brokers, loan officers, real estate investors, appraisers and an attorney. The cases involve a total of $48 million in fraudulently obtained mortgages, federal officials said. Most of thee cases involved buyers who allegedly obtained mortgages with the intention of getting the loan money and then skipping out on the payments. In some cases, the buyers used fictitious names. In the largest case, a Buffalo Grove real estate man and his wife are charged with paying people to obtain mortgages on 70 properties, many in dilapidated condition in Chicago’s gang-ridden Englewood neighborhood. Once the mortgage money was in hand, the borrowers skipped out on the payments and the lenders suffered huge losses, prosecutors said. Most of the 15 people accused of taking part in the scheme are charged with mail fraud or wire fraud. Source:

13. June 23, MarketWatch – (National) FDIC eyes extension to unlimited deposit insurance. The Federal Deposit Insurance Corp. on June 23 proposed extending a program that provides unlimited deposit insurance for non-interest-bearing deposits by six months. The coverage was set to expire December 31, 2009, but the agency extended it to June 30, 2010, seeking to calm fears of large businesses that have significant business customers that keep large deposit accounts at banks for their payrolls. The agency provided a temporary blanket deposit insurance coverage for non-interest-bearing accounts last year as the financial crisis worsened. Source:

Information Technology

32. June 24, Wall Street Journal – (National) Military command is created for cyber security. The U.S. Defense Secretary created a new military command dedicated to cyber security on June 23, reflecting the U.S. President’s plans to centralize and elevate computer security as a major national-security issue. In a memo to senior Pentagon officials, the U.S. Defense Secretary said he intends to recommend that the director of the National Security Agency take on the additional role as commander of the Cyber Command with the rank of a four-star general. The U.S. Defense Secretary’s budget envisions training more than 200 cyber-security officers annually. The decision follows the U.S. President’s announcement last month that he will establish a new cyber-security office at the White House, whose chief will coordinate all government efforts to protect computer networks. The Pentagon initiative will reshape the military’s efforts to protect networks from attacks by hackers, especially those from China and Russia. It also consolidates the largest concentration of cyber warriors and investigators in the government under one military command, exacerbating concerns of some experts who worry about military control of civilian computer systems. Source:

33. June 24, Washington Post – (International) Microsoft debuts free antivirus software beta. Microsoft on June 23 released a beta version of its new free anti-virus offering, Microsoft Security Essentials (a.k.a “Morro”). MSE is basically the next generation of Microsoft’s Windows Live Onecare anti-virus and anti-spyware service, but without all of the extras, such as a firewall, data backup solution and restore or PC performance tuning. After installation, MSE spends a couple of minutes downloading additional files, and then prompts the user to perform a “Quick Scan.” Anti-virus products are notorious for sucking up system resources, but it barely uses more than 4 MB of system memory for scans. The program includes real-time protection, which Microsoft says “alerts you when viruses, spyware and other potentially unwanted software attempts to install itself or run on your computer.” In addition, MSE monitors file and program activity on a user’s computer, and automatically scans all downloaded files and attachments. If it finds something, it will ask a user what to do with the suspect file, and if the user takes no action after 10 minutes, Microsoft will decide what to do with the file(s) according to its default actions. Source:

34. June 24, IDG News Service – (International) Adobe issues security update for Shockwave Player. Adobe Systems has released a patch for its Shockwave Player to fix a critical vulnerability, the company wrote on its security blog on June 23. Adobe did not provide many details on the vulnerability but wrote that it is remotely exploitable, meaning a hacker could use it to infect a computer with malicious software over the Internet. Shockwave Player is used to display content created by Adobe’s Director program, which offers advanced tools for creating interactive content, including Flash. The Director application can be used for creating 3D models, high-quality images and full-screen or long-form digital content and offers greater control over how those elements are displayed. The vulnerability affects Shockwave Player version and earlier. Users should uninstall the old version and install version, which is available for download. The company was tipped off to the vulnerability by security vendor TippingPoint Technologies’ Zero Day Initiative, which pays security researchers for vulnerability information that is responsibly disclosed. Source:

35. June 24, MXLogic – (International) CISOs see insiders as greatest ‘human threat’ to data security. The vast majority of chief information security officers surveyed at a CISO summit in June said that insiders are the greatest human threat to data security, while only 18 said they are concerned about threats from external sources such as cybercriminals and corporate spies. The survey by NetWitness Corporation and MIS Training Institute revealed that 80 percent of CISOs and CSOs feel insiders are the greatest human threat. A conference director at MIS Training Institute said the survey findings are “alarming,” in that there is a “misperception that traditional security approaches alone can protect against information leaks and that some CISOs were not sure what they need for data protection or were not planning to focus any money in that area this year.” Although CISOs are at least thinking about insider threats, another recent survey of business managers found that executives seemingly do not think about insider threats to data security from ex-employees. A Courion Corporation survey revealed that 93 percent of business managers are confident that terminated employees pose no risk to their network security, even though many have limited knowledge of the systems to which their employees have access. Source:

36. June 23, IDG News Service – (International) Cloudmark security suite addresses growing SMS spam. As mobile users are more frequently pestered by SMS spam, one security vendor is applying its experience in stopping e-mail spam for mobile networks. Cloudmark released on June 23 a suite of services designed for operators to stop abuse on their networks, such as MMS (Multimedia Messaging Service) and SMS spam as well as malware aimed at mobile devices. The suite, called MobileAuthority, combines several features and services that Cloudmark had offered individually, but now make more sense to offer as a suite, said the head of technology services for Europe. The Sender Intelligence component of MobileAuthority allows operators to detect and then block mobile spam originating from either inside their network or from one of their partners. The filtering component looks for patterns in order to block spam, malware or phishing scams. Cloudmark has also set up a managed security service with a team that will monitor a mobile provider’s networks for abuse and make adjustments in filtering in order to stop further problems. As hackers and spammers see the potential for profit by hitting people with various scams over their mobiles, it is likely they will proliferate, the head of technology services said. Mobile users in North America and Europe have not been inundated with as much spam as people in Asia, but it is on the rise. “We haven’t seen that much, although it’s now starting to get reasonably pernicious in North America,” said Cloudmark’s CEO. Source:

37. June 23, Homeland Security Newswire – (International) Effective cybersecurity requires common language. The former cybersecurity director at DHS had some sobering words last week about the battle for cybersecurity. “We lost,” the former director, now chief executive officer of NetWitness Corp., said at the Symantec Government Symposium in Washington. “We lost the cyber war over the last 15 years. Our computing environment is already compromised,” and things are likely to get worse going forward because we do not really understand security. “We lack any meaningful metrics or measures to say how secure a system is.” It no longer is true that the best minds are on the side of the hackers. The dark side of cyberspace has been co-opted by organized crime, entrepreneurs of questionable integrity and, possibly, terrorists. Much of the process of illegal hacking has been mechanized to the point that it involves automation, not innovation. Part of the problem was identified by the U.S. Computer Emergency Readiness Team director. ”We lack a common language for discussing many of the elements of security. We need to reinvent not only how we do incident response, but how we talk about events,” the director said at the symposium. Source:

Communications Sector

Nothing to report.

No comments: