Department of Homeland Security Daily Open Source Infrastructure Report

Monday, January 5, 2009


Headlines

• The U.S. Food and Drug Administration announced on Friday a recall of lot no. UD30654 of Healon D, an ophthalmic viscosurgical device manufactured by Advanced Medical Optics Inc. of Santa Ana, California. Tests of this lot revealed elevated levels of endotoxin. (See item 21)

21. January 2, U.S. Food and Drug Administration – (National) FDA announces class I recall of ophthalmic surgical device. The U.S. Food and Drug Administration announced a class I recall of lot no. UD30654 of Healon D, an ophthalmic viscosurgical device (OVD) manufactured by Advanced Medical Optics Inc. (AMO) of Santa Ana, California. OVDs are viscoelastic materials used to maintain space in the eye during surgery. Typically, OVDs are pre-packaged in a syringe and are applied using a small tube. On October 30, 2008, AMO voluntarily recalled all 4,439 units of Healon D lot no. UD30654 due to complaints of inflammation after eye surgery, including Toxic Anterior Segment Syndrome (TASS). At that time, AMO informed customers of the number and nature of adverse event reports associated with OVD from that lot, and included a fax reply form for quick communication. However, as of December 3, 2008, AMO had retrieved only 964 units of the 1,450 that had been distributed in the United States. AMO received 66 adverse event reports associated with the recalled products. Tests of this lot revealed elevated levels of endotoxin, which has been associated with post-operative intraocular inflammation and TASS. Source: http://www.healthnewsdigest.com/news/FDA_Approval_240/FDA_Announces_Class_I_Recall_of_Ophthalmic_Surgical_Device.shtml

• A man suspected of placing gift-wrapped bombs in two banks and in an alleyway in Aspen, Colorado, Wednesday shot and killed himself a short time later. Nearly all of downtown was evacuated. (See item 29)

29. January 2, Associated Press – (Colorado) Man sought in Aspen threats kills himself. A one-time resident of Aspen, Colorado, who had been bitter over its transformation into a playground for the rich, left four gift-wrapped bombs downtown in a bank-robbery attempt, turning New Year’s Eve celebrations into a mass evacuation, police said Thursday. The dangerous bombs were made of gasoline and cell phone parts and came with notes warning of “mass death.” The 72-year-old man suspected of placing them in two banks and in an alleyway on Wednesday shot and killed himself a short time later, police said. The man had walked into two Aspen banks about 2:30 p.m. Wednesday and left packages wrapped in holiday paper along with notes saying the boxes contained bombs, police said. The notes threatened “mass death,” demanded $60,000 cash, and included criticisms of the current U.S. President, the assistant Aspen police chief said. The man’s notes said he was targeting four banks, police said, but only two — a Wells Fargo Bank and a nearby Vectra Bank — received the packages. Later, police found two similar packages atop a black sled in a downtown alley. The threats prompted police to clear nearly all of downtown Aspen — 16 blocks that otherwise would have been filled with tens of thousands of New Year’s revelers. Residents were allowed to return at 4 a.m. Police bomb squads detonated the bombs once the area was cleared; no one was injured. The Aspen Times reported that the man left a typewritten note at the newspaper’s offices Wednesday evening saying, “Aspen will pay a horrible price in blood” if his demands were not met. The note also said a fifth bomb was “hidden in a high end watering hole,” and Aspen bars had been searched but no additional bomb was discovered. Source: http://www.msnbc.msn.com/id/28458836/

Details

Banking and Finance Sector


5. January 2, Kennebec Morning Sentinel – (Maine) State crafts report on security breaches. The state’s Bureau of Financial Institutions has released a report examining the impact of data security breaches on Maine banks and credit unions. The “Maine Data Breach Study” identifies the various consumer protection steps taken by financial institutions in the aftermath of a breach and highlights the costs associated with breaches. “This study reveals the impact a large-scale data breach has on Maine banks, credit unions and their customers,” the bureau superintendent said in a release. “The cost to banks and credit unions — in terms of financial and staffing resources — can be substantial.” Since January 1, 2007, there have been two major data breaches affecting Maine’s financial institutions: the TJX data breach that became known to banks and credit unions in January 2007 and the Hannaford Bros. Co. breach, which became known to banks and credit unions in March 2008. Source: http://morningsentinel.mainetoday.com/news/local/5760693.html


6. January 2, Wall Street Journal – (National) FDIC employs tool used for S&L crisis. Federal regulators are dusting off a tool used during the savings-and-loan crisis to help deal with an expected wave of bank failures in 2009. The mechanism, known as “loss sharing,” gives healthy banks an incentive to take on troubled assets of a failed institution, with the government agreeing to assume the majority of future losses. In most other cases, the buyer takes the failed bank’s deposits, leaving most of the assets to be managed and sold by the Federal Deposit Insurance Corp. The FDIC used versions of the loss-sharing model several times last year, including during the initial attempt to rescue Wachovia Corp., as part of federal aid to Citigroup Inc., and during the fire sale of two failed California institutions. Source: http://online.wsj.com/article/SB123086700722648471.html?mod=googlenews_wsj


7. January 2, Bangor Daily News – (Maine) Members of Maine credit unions warned of e-mail ‘phishing’ scam. Members of Maine’s credit unions should use caution if they spy an official-looking e-mail in their inbox that directs them to reactivate their ATM cards and personal identification numbers. The e-mail is a scam, said a member of the Maine Credit Union League. “It looks very real,” he said. “Anything official to your home e-mail address is bound to raise a few eyebrows.” He said that credit unions would never contact their members by e-mail asking for private account information. Source: http://www.bangornews.com/detail/96310.html


8. January 1, Asheville Citizen-Times – (North Carolina) Federal regulators slam Blue Ridge Savings. Federal and state regulators have sharply reprimanded Blue Ridge Savings Bank, saying it has been poorly led and managed, and has been operating “with a large volume of poor-quality loans.” Blue Ridge operated with inadequate reserves, committed unspecified violations of law, and the actions of bank managers put deposits at risk, according to an order from the FDIC. The bank agreed to fix the problems listed in the 25-page order filed Nov. 3 without admitting or denying the problems it details. The agreement is common in cease-and-desist actions from the FDIC. Blue Ridge Savings was the only bank in North Carolina to get that type of order last year, according to federal records. Source: http://www.citizen-times.com/apps/pbcs.dll/article?AID=2009901010339

Information Technology


25. January 1, Network World – (International) Warning over DNS protection. IT managers should make protecting their systems from a DNS attack a priority, despite the budget constraints that they are operating under. Despite the threat posed by the vulnerability discovered last year and despite other DNS attacks, such as cache poisoning and distributed denial-of-service (DDoS), a quarter of all networks had not been patched by mid-November, according to the Measurement Group. A separate survey of 466 enterprise online customers conducted by DNSstuff in September revealed that 9.6 percent had not patched their DNS servers and 21.9 percent did not know if they were patched. The findings show that despite the DNS community’s and several vendors’ efforts, a significant number of server administrators have yet to take action. As for the reasons behind the lack of patches, more than 45 percent cited a lack of internal resources, 30 percent said they were unaware of the vulnerability, and 24 percent reported they didn’t have enough knowledge of DNS to take the appropriate steps. Source: http://www.techworld.com/security/news/index.cfm?newsID=108922&pagtype=all


26. December 31, HotHardware.com – (International) Flash & Safari fail in privacy test. As Mozilla’s Firefox, Google’s Chrome, Microsoft’s Internet Explorer, and Apple’s Safari all compete against one another to try to see who can be the number one Web browser, certainly privacy is a key factor that influences success. A researcher at San Francisco security firm iSec Partners recently took a closer look into the effectiveness of the newest batch of browser privacy tools. In her research, she found particular problems with Safari, and also concluded that none of the four major browsers extends privacy protections to Adobe’s Flash plug-in. In the researcher’s tests, Apple’s Safari fared the worst of the browsers: When surfing in “private browsing mode” on a Macintosh running OS X, Safari was, as she put it, “quirky” in that the browser accessed some of the cookies previously stored on her computer but not others. On a Windows XP machine, she found Safari’s private browsing mode to be even worse — with no privacy at all. In fact, the browser accessed previously set cookies and did not delete any new ones in this scenario. Source: http://hothardware.com/News/Flash--Safari-Fail-in-Privacy-Test/

Communications Sector

27. January 2, ZDNet.co.uk – (International) ‘Curse of silence’ smartphone flaw disclosed. A denial-of-service attack that limits the number of short message service (SMS) messages that can be received by Nokia smartphones has been disclosed. Dubbed the ‘Curse of Silence’ by a German security researcher, the attack occurs when Nokia Series 60 phones are sent a malformed email message via SMS. An advisory made public by the researcher on Tuesday explained that, after receiving a message from a sender with an email address of greater than 32 characters, Nokia S60 2.6, 2.8, 3.0 and 3.1 devices are not able to receive any more SMS or multimedia message service (MMS) messages. Affected users must perform a factory reset of the handset to remedy the issue. No firmware fix was available at the time of the advisory. “Nokia is not currently aware of any malicious incidents on the S60 platform related to this alleged issue and we do not believe that it represents a significant risk to customers’ devices,” a Nokia spokesperson said. “Nokia believes that the vulnerability may be valid for some of the S60 on Symbian OS products. We are also working with the Symbian team to further investigate the vulnerability.” Software security company F-Secure said on Tuesday that Sony Ericsson UIQ devices may also be vulnerable to this type of attack. F-Secure added that the company had managed to test the flaw and add protection to its Mobile Security product. Source: http://news.zdnet.co.uk/security/0,1000000189,39586953,00.htm


28. December 31, Jackson County Floridan – (Florida) Embarq: DOT contractor broke cable. A two-day outage of Embarq Internet access and long distance phone service is most likely resolved, according to a representative from Embarq, who said Tuesday the cause of the problem was a broken fiber optic cable. It was damaged by a Florida Department of Transportation contractor Monday near Chipley. Approximately 5,000 customers from Fort Walton to Chipley were affected by the broken cable. Embarq did follow-up testing Tuesday, which caused sporadic interference in service throughout the area, he said. Source: http://www.jcfloridan.com/jcf/news/local/article/embarq_dot_contractor_broke_cable/52764/