Tuesday, June 16, 2009
Complete DHS Daily Report for June 16, 2009
Daily Report
Top Stories
The Associated Press reports that a Chinese submarine’s reported collision last week with an underwater sonar apparatus towed by a U.S. destroyer in the South China Sea was likely an accident, the China Daily said Monday. (See item 31)
31. June 15, Associated Press – (International) Report: Sub, sonar collision accidental. A state-run newspaper said Monday that a Chinese submarine’s reported collision last week with an underwater sonar apparatus towed by a U.S. destroyer in the South China Sea was likely an accident. The official China Daily cited Chinese military experts as saying that the submarine’s collision with the sonar array connected to the USS John S. McCain probably occurred due to a misjudgment of distance. No injuries were reported and the extent of damage to the sonar array was not immediately known. A senior researcher with the People’s Liberation Army’s Navy Equipment Research Center said the American destroyer appeared to have failed to detect the submarine, while the Chinese vessel set its distance from the McCain assuming it was not carrying sonar arrays, according to the paper. A Pacific Fleet spokesman said Sunday that the multifunction sonar array attached to the USS John S. McCain was damaged Wednesday, but did not say how the damage occurred. “All we know is that the towed array was damaged,” the spokesman said. CNN reported that the incident occurred near Subic Bay, off the coast of the Philippines. The network cited unidentified U.S. military officials as calling it an “inadvertent encounter” and that the Navy did not believe it was a deliberate act of Chinese harassment. The CNN report said the incident occurred Thursday. Source: http://www.wavy.com/dpp/news/military/military_ap_bejing_ReportSubsonarcollisionaccidental_20090615
According to DarkReading, an indictment was unsealed on June 12 against three individuals who allegedly hacked into the telephone systems of large corporations and entities in the United States and abroad and sold information about the compromised telephone systems to Pakistani nationals residing in Italy. The losses in the case exceeded $55 million. (See item 40)
See Item 40 in the Communications Sector
Details
Banking and Finance Sector
17. June 12, WVIR 29 Charlottesville – (Virginia) Credit Union users target of text scam. The UVA Credit Union is warning customers about a text message scam targeting their accounts. Credit union officials say the bogus text message claims that a member’s debit card has been blocked and that they need to call a phone number to verify their information. If any members have been hit by this scam and think that their private information may now be at risk, they are asked to call the credit union. Source: http://www.nbc29.com/Global/story.asp?S=10524130
Information Technology
39. June 14, ITWire.com – (International) Use of phishing toolkits on the rise. There has been a huge increase in the use of phishing toolkits, with 42 percent of phishing URLs recently generated using the toolkits, and the emergence of a new trend of phishing attacks towards the popular social networking site, Facebook. Symantec, in its June phishing report, says it observed an increase in URLs using phishing toolkits during May of 100 percent over the previous month, with a 14 percent decrease in non-English phishing sites compared to February. The security firm also reports that during May, more than 98 Web hosting services were used, which accounted for six percent of all phishing attacks, which was a decrease of five percent from the previous month. According to the executive editor security response at Symantec, Symantec observed that 58 percent of all attacks were from unique phishing Web sites, which included more than 206 targeted known brands. “The unique attacks decreased by nine percent from the previous month. This was the result of a sharp increase in toolkit activity as the trending of the two is usually inversely correlated.” In relation to the use of toolkits, Symantec says that that there was a sudden increase in toolkit attacks during the first week of May, primarily targeting the information services and financial sectors, due primarily to the resurgence in phishers targeting Facebook. Source: http://www.itwire.com/content/view/25643/53/
Communications Sector
40. June 12, DarkReading – (International) Busted: international telephone hacking conspiracy. An indictment was unsealed on June 12 against three individuals who allegedly hacked into the telephone systems of large corporations and entities in the United States and abroad and sold information about the compromised telephone systems to Pakistani nationals residing in Italy, an Acting U.S. Attorney announced. Italian law enforcement conducted searches of approximately 10 locations in Italy and arrested the financiers of the hacking activity. Those financiers allegedly used the information to transmit over 12 million minutes of telephone calls valued at more than $55 million over the hacked networks of victim corporations in the United States alone. The investigation has been ongoing since 2006 and relates to conduct ranging from October 2005 through December 2008. As described in the indictment, two persons, residing in Italy, were among the financiers of the hacking and owned and operated call center operations in Italy from which their customers would make calls throughout the world. To increase their profits, they made efforts to incur as little costs as possible in routing their customers’ telephone calls to the intended call-recipient. They recruited the three individuals to hack into the telephone networks of unsuspecting large corporations and entities so that telephone calls from the call centers could be transmitted over the hacked networks. To accomplish their mission, the hackers gained an intimate familiarity with the programming of the public branch exchange (PBX) telephone systems. As the hackers dialed into the systems, they were able to identify the type of PBX system by the prompts and were thereby able to begin a process, known as a brute force attack, by which they sought to attack vulnerable points of the PBX systems. Often, the vulnerable points consisted of telephone extensions with default passwords still in place. AT&T was not hacked but was among the companies that carried the long-distance calls. In addition to the conspiracy count, each of the defendants is charged with two counts of unauthorized access to a computer system for purposes of committing fraud, and with the possession of unauthorized access devices, including passcodes to U.S. telephone systems. Source: http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=217801056&subSection=Attacks/breaches
No comments:
Post a Comment