Department of Homeland Security Daily Open Source Infrastructure Report

Friday, January 23, 2009

Complete DHS Daily Report for January 23, 2009

Daily Report


 WBOY 12 Clarksburg reports that Monongalia County, West Virginia emergency crews were on the scene of an explosion at Mylan Pharmaceuticals for several hours Thursday morning. (See item 23)

23. January 22, WBOY 12 Clarksburg – (West Virginia) Explosion at Mylan lab sends two to hospital. Monongalia County, West Virginia emergency crews were on the scene of an explosion at Mylan Pharmaceuticals for several hours early Thursday morning, they said. Around 12:12 a.m., an explosion in one of the processing rooms was reported, according to a press release from the Monongalia Office of Emergency Management. Two patients were transported to a nearby hospital as a precaution, the incident commander said. Investigators are trying to figure out what caused the explosion. Source:

 According to Reuters, one suspect was arrested on Wednesday after the federal building in Oklahoma City was evacuated because of a bomb threat. (See item 26)

26. January 22, Reuters – (Oklahoma) Oklahoma fed building area to reopen after bomb threat. One suspect was arrested on Wednesday after the federal building in Oklahoma City was evacuated because of a bomb threat, the Federal Bureau of Investigation said. Several city blocks had also been closed off, but local media reported that the area was to be reopened to the public late on Wednesday night. The FBI said in a statement the suspect, of Oklahoma City, entered the federal building and was told he could not proceed further without going through a security check. He then left two notes with security personnel along with the backpack he was carrying, and left the building. “The notes stated there was a bomb in the backpack and in a car parked next to the building,” the FBI said. Experts had checked the bag and car for explosives, and the local KOCO TV news reported that a car believed to belong to the suspect had been towed away late Wednesday evening. Source:


Banking and Finance Sector

9. January 21, WSAV 3 Savannah – (Georgia) Warning against text message scam. The Beaufort County Sheriff’s Office is warning all citizens to be aware of a potential scam that could be used to steal important financial information. A complainant reported to Sheriff’s deputies on January 20 that he had received a text message on his cell phone from an unknown sender. The message stated: “This is an automated message from Health Facilities FCU. Your ATM card has been suspended. To reactivate, call urgent at 877-526-9331.” The complainant contacted the provided phone number, where he was prompted to enter his account number, pin number, and expiration date. The complainant did not enter the requested information, as he was suspicious of it being a scam. Source:

10. January 21, Nacogdoches Daily Sentinel – (Texas) Local text message scam targets debit card owners. Individuals across the State of Texas began receiving unauthorized text messages and e-mails on January 20 from an anonymous source, according to a spokesman for Commercial Bank of Texas. Commercial Bank of Texas in Nacogdoches began receiving phone calls on January 20 from the targeted individuals, some of whom had called the phone number within the text message. The CBTx security department was notified, and an investigation began. The origin of the texts and e-mails was unknown; however, the messages did not come from Commercial Bank of Texas, according to bank officials. The Nacogdoches Police Department and the FBI have been alerted and are conducting an investigation. Source:

11. January 21, Bloomberg – (Florida; Texas) Hedge fund run by ex-car salesman is scam, SEC says. U.S. regulators sued a used-car salesman from West Texas for touting a $45 million hedge fund that they said was actually a Ponzi scheme. The defendant misappropriated millions of dollars from investors since 2001, the Securities and Exchange Commission said in a federal lawsuit filed in Lubbock, Texas. The man said he generated annual profits as high as 61 percent, according to the suit. “The defendant’s claims regarding the hedge fund and the high rates of return are completely bogus,” the regulator said in the suit. Besides running the fund, the agency said the 43-year-old worked as a bail bondsman, a tow-truck driver and a crop-dusting pilot. The SEC on January 21 also sued a Florida hedge-fund adviser claiming he overstated investments by $300 million. Less than $1 million in assets remain after the defendant went missing last week, the SEC said in a federal lawsuit filed in Tampa, Florida. Source:

See also:

Information Technology

29. January 21, DarkReading – (International) Legitimate sites carry increasing portion of malware. According to Websense Security Labs’ newly published “State of Internet Security” report for the second half of 2008, 77 percent of Web sites that carry malicious code are legitimate sites that have been compromised. This figure rose by almost 3 percent over the first six months of the year. The number of sites carrying malicious code grew by 46 percent over the course of 2008, Websense says. Seventy percent of the top 100 sites on the Web, most of them social networking or search engine sites, either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites, according to the report. This figure represents a 16 percent increase over the first six months of 2008, Websense says. “The most prevalent trend was the continued use of Web 2.0 content to exploit weaknesses within the Web infrastructure to attract the greatest number of victims,” the report states. “Search engines and social networking sites were the biggest targets over the last six months, as hackers continued to get creative and leverage user-created content to compromise sites with good reputations.” And the Web is becoming attackers’ favorite vehicle for launch, the report states. In the second half of 2008, 57 percent of data-stealing attacks were conducted over the Web. Source:;jsessionid=WKY4NVJAT55K0QSNDLRSKHSCJUNN2JVN?articleID=212901777

30. January 21, Computerworld – (International) Downadup worm now infects 1 in every 16 PCs, says Panda Security. The computer worm responsible for the biggest attack in years has infected at least one out of every 16 PCs worldwide, a security company said on January 21, and it may have managed to compromise as many as nearly one in three. According to Panda Security, almost 6 percent of the Windows systems scanned with its antivirus technology were found to be infected with “Downadup,” a worm that began aggressive attacks just over a week ago. Panda was one of the first security firms to sound an alarm over Downadup when it raised its security threat level on January 12 as reports of attacks mounted. Using data from antivirus scans performed by its consumer-grade security software and by a free online scanning tool that it makes available on its Web site, Panda found 111,379 PCs infected with the worm out of a pool of two million machines. “I am pretty confident in this number,” said the chief corporate evangelist at Panda Security, as he cautioned it was just a snapshot. “Conficker is still infecting high volumes of machines and is a fast-propagating worm.” Source:

Communications Sector

31. January 21, Bradenton Herald – (Florida) Verizon service restored for 17,000 customers. Verizon officials said on January 21 that 17,000 customers lost telephone service after a Manatee County construction contractor cut a fiber optic line January 20. Workers restored phone service for 15,000 of those customers by 9:30 p.m., and the final 2,000 got service back at 3 a.m. Wednesday morning, a Verizon spokeswoman said. She said workers had to repair 1,000 feet of fiber optic line after the contractor severed it. Verizon officials are currently conducting a study to assess how much the repairs cost the company, she said. Source: