Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, February 17, 2009

Complete DHS Daily Report for February 17, 2009

Daily Report


 The Greensboro News Record reports that a fire on the roof of the Sherwin-Williams Chemical Coatings plant in Greensboro, North Carolina caused $300,000 in damages Thursday. There was no release of hazardous chemicals from the building, said a fire official. (See item 5)

5. February 13, Greensboro News Record – (North Carolina) Fire damages chemical plant roof. A fire at a Greensboro chemical plant did $300,000 in damages Thursday afternoon. The Greensboro Fire Department said on February 13 that the blaze on the roof of the Sherwin-Williams Chemical Coatings plant was most likely started accidentally by a roofing company using heat guns on the roof. The plant was having its roof replaced. A second alarm for more firefighters was sent out in part because of the windy conditions. Firefighters initially had trouble getting water from an aerial truck onto the roof because of the high wind, but were able to contain the blaze to the roof. The fire did not get inside the building, said the assistant chief of the Greensboro Fire Department, and there was no release of hazardous chemicals from the building. Source:

 According to the Associated Press, a commuter plane coming in for a landing nose-dived into a house in suburban Buffalo, New York, killing all 49 people on board and one person in the home. (See item 14)

14. February 13, Associated Press – (New York) Fiery plane crash in upstate NY kills 50 people. A commuter plane coming in for a landing nose-dived into a house in suburban Buffalo, sparking a fiery explosion and killing all 49 people on board and one person in the home. It was the first fatal crash of a commercial airliner in the United States in two and a half years. Witnesses heard the twin turboprop aircraft sputtering before it went down in light snow and fog around 10:20 p.m. February 12 about five miles from Buffalo Niagara International Airport. Continental Connection Flight 3407 from Newark, N.J., came in squarely through the roof of the house, its tail section visible through the blazing rubble. No mayday call came from the pilot before the crash, according to a recording of air traffic control’s radio messages captured by the Web site Neither the controller nor the pilot showed concern that anything was out of the ordinary as the airplane was asked to fly at 2,300 feet. A spokeswoman for the Department of Homeland Security in Washington said there was no indication terrorism was involved. Source:

See also:


Banking and Finance Sector

10. February 12, New York Times – (National) U.S. seeks new powers to fight tax evasion. The Justice Department is seeking expanded powers to prosecute offshore tax evasion and other financial crimes, including those related to the mortgage industry and potential misuse of government bailout money. The efforts, which have gained traction in recent weeks, could give the agency tougher prosecutorial tools to combat fraud amid the economic downturn. As part of the effort, the agency has thrown its weight behind a Senate antifraud bill that, if passed, would make it easier for the agency to apply money-laundering statutes in cases of suspected tax evasion, particularly those involving offshore accounts. The Justice Department also wants to amend the criminal code to include broader definitions of financial institutions and mortgage lenders, and to extend bank-fraud statutes to nonbank companies, particularly private mortgage lenders like Countrywide. It is also pushing Congress to amend the current major fraud statute to apply to any illegal transactions under the $700 billion Troubled Asset Relief Program, or TARP, and to the multibillion-dollar stimulus package. The antifraud bill was introduced the week of February 2-6 by a Democrat of Vermont, the committee’s chairman, and a Republican of Iowa, a senior member. The bill also seeks money to hire more prosecutors and investigators in various agencies. Source:

11. February 12, Associated Press – (National) FBI probes 530 corporate fraud cases. FBI agents are conducting more than 500 investigations of corporate fraud amid the financial meltdown, the FBI deputy director told the Senate Judiciary Committee on Wednesday. In addition to the corporate fraud cases, the deputy director told lawmakers FBI investigators are tackling an even bigger mountain of mortgage fraud cases in which hundreds of millions of dollars may have been swindled from the system. He said there are 530 active corporate fraud investigations, and 38 of them involve some of the biggest names in corporate finance in cases directly related to the current economic crisis. Source:

12. February 12, New York Times – (Texas) U.S. agents scrutinize Texas firm. Several federal agencies, including the Securities and Exchange Commission (SEC), the FBI and the Internal Revenue Service (IRS), have spent “many months” looking into the business activities of the Stanford Financial Group, which is based in Houston, and a Texas billionaire’s bank based in Antigua, which issues high-yielding certificates of deposit, according to two individuals briefed on the investigations who were not authorized to speak publicly. The focus of the investigations appears to be how the bank could issue CDs that pay interest rates that are more than twice the national average. Stanford, a diversified financial firm that offers a broad array of services, including investment banking and research, holds about $8 billion in deposits at its bank and has about $50 billion in assets in its wealth management affiliate, according to its spokesman. However, a wrongful-termination suit filed in a state court in Texas last summer alleges the asset sizes may have been inflated. The two former Stanford brokers who filed the suit said they had left the firm amid fears they could be implicated in the various “unethical and illegal business practices” they claim to have witnessed. In their suit, they claim Stanford overstated the asset value of individuals in order to mislead potential investors, failed to file mandatory forms disclosing its clients’ offshore accounts, and purged electronic data from its computers in response to an SEC investigation. Stanford, which filed a countersuit against the two men seeking repayment of certain loans, denied the men’s accusations. Source:

13. February 12, WTOV 9 Steubenville – (Ohio) Local bank deactivates debit cards after possible security breach. Many Hancock County Savings Bank customers are without working debit cards after a possible security compromise at Visa. A security breach did not happen at the bank, officials said. The bank said all of its customers’ information is safe, and the debit cards in question were turned off as a security measure. The president of the bank said Visa notified the bank the week of February 9-13 of a possible security compromise affecting some customers’ debit cards. He said that’s all the information Visa provided. He said Hancock County Savings Bank customers’ accounts are secure, and no one’s account or personal information can be accessed. Customers whose debit cards were turned off will receive new cards in the mail within seven to 10 days. For customers who don’t want to wait, the president said the bank can help them use their existing debit card. Source:

Information Technology

40. February 13, Reuters – (National) U.S. tweaks internet privacy guidelines. The U.S. Federal Trade Commission issued new guidance for the self-regulated industry that urges Web sites to tell consumers that data is being collected during their searches and to allow them to opt out. This guidance recommends that mobile companies and Internet service providers also inform customers about data collection and allow users to decline. There are few U.S. laws about the collection and use of data from the Internet, with exceptions of instances where firms fail to live up to advertised promises to protect privacy, or fail to deliver an expected level of data protection. Source:,,25049669-5013040,00.html?from=public_rss

41. February 12, CBC News – (International) Microsoft offers $250,000 to nab author of Conficker worm. Microsoft has announced a $250,000 reward for information leading to the arrest of those responsible for an Internet worm that has been infecting more than two million computers a day for the past five days. The company said in a news release on February 12 that it has also joined forces with several major organizations and firms in the industry an effort to stem the spread of the Conficker or “Downandup” worm, which infects computers running various versions of Microsoft Windows, especially those that have not been patched with a security upgrade issued by Microsoft in October. Norton Antivirus maker Symantec Corp. said on February 12 that in the past five days, an average total of 2.2 million IP addresses have been infected with two different variants of the worm, which was first noticed on the Internet in November. The Internet Corporation for Assigned Names and Numbers is working with Microsoft and Internet security firms to help disable servers used by Conficker. It is the first time Microsoft has put a bounty on the makers of malicious code since 2004, when it posted a $250,000 reward for those responsible for the Sasser worm. Source:

42. February 12, DarkReading – (International) Researchers hack faces in biometric facial authentication systems. A Vietnamese researcher will demonstrate at Black Hat DC how he and his colleagues were able to easily spoof and bypass biometric systems that authenticate users by scanning their faces. The researchers cracked the biometric authentication embedded in Lenovo, Asus, and Toshiba laptops by spoofing the biometric systems with everything from a photo of the authorized user to brute-force hacking using fake facial images. They successfully bypassed Lenovo’s Veriface III, Asus’ SmartLogon V1.0.0005, and Toshiba’s Face Recognition — each set to its highest security level — demonstrating vulnerabilities in the systems that let an attacker cheat them with phony photos of the legitimate user and gain access to the laptops. “The mechanisms used by those three vendors haven’t met the security requirements needed by an authentication system, and they cannot wholly protect their users from being tampered,” the researchers wrote in their paper on the hack. “There is no way to fix this vulnerability,” says one of the researchers, the manager of the application security department at the Bach Khoa Internetwork Security Center at Hanoi University of Technology. “Asus, Lenovo, and Toshiba have to remove this function from all the models of their laptops…[they] must give an advisory to users all over the world: Stop using this [biometric] function.” Source:

43. February 12, Computer World – (International) Apple issues massive security update for Mac OS X. Apple Inc. issued February 12 multiple updates for Mac OS X and Java that patched 55 bugs, including one for its Safari Web browser that prompted a security researcher to blast the company for a halfhearted approach to security. It was the most updates Apple has released in nearly a year. The year’s first bug updates from Apple patched 48 security vulnerabilities in the company’s operating system and ts components, four in Apple’s implementation of Sun Microsystems Inc.’s Java, two nonsecurity flaws it admitted it had introduced with faulty code in Mac OS X 10.5.6, and one fix it said was a “proactive security measure.” The majority of the bugs — 32 altogether — were in open-source components or software not originally crafted by Apple, as in the case of the quartet of Java flaws. According to one of the three researchers Apple credited with reporting the Safari bug, Apple had information about the flaw more than seven months ago. “After six months passed without a fix, I decided to post a warning on January 11, 2009, due to my judgment that this issue could be exploited at any time as long as it remained unfixed,” he said in an entry to his blog February 12, after Apple had delivered its updates. He had posted some information about the bug, as well as a workaround to temporarily disable the RSS feed feature in the browser, in a January 11 warning. The RSS vulnerability — present in both the Mac and Windows versions of the browser — could be used to introduce attack code from a malicious Web site. Source:

Communications Sector

44. February 12, Associated Press – (National) FCC targets some TV stations shutting analog. The Federal Communications Commission (FCC) has told 123 TV stations that were planning to stick to the February 17 cutoff date for analog broadcasts that they will have to justify not extending their transmissions for four months. The affected stations are in areas where all of the major-network stations have applied to turn off their signals on February 17, the commission said in a statement late Wednesday. Full-power TV stations have been planning for years to turn off analog signals on February 17 to make room for more efficient digital broadcasting, two-way wireless data services and emergency communications. But as the deadline loomed, funding ran out for the program that subsidized digital TV converter boxes for older sets. Concerned that households were not sufficiently prepared to tune in to digital broadcasts, Congress passed a bill giving stations the option of waiting until June 12 to turn off. The FCC has asked the targeted stations to certify by February 13 that at least one station in the market will continue to broadcast information about the transition and local news in analog for at least two months. They will also have to, individually or together with other stations, operate call centers and walk-in centers to help viewers tune in to the digital transmissions. Source:

45. February 12, WRUF 850 Gainesville – (Florida) Severed fiber optic line. Phone service is now restored to over 7,000 residents near Gainesville after a fiber optic line was severed. Residents of Alachua, High Springs, La Crosse, and Hague were without phone service for almost 12 hours, leaving them without phone service in an emergency situation. The High Springs police chief says they were able to set up mobile command post to help transfer any emergency calls. Even though they were able to reroute emergency calls, he says it did take about six hours to set up these areas. The severed line did leave landlines as well as cell phones out of service. Source: