Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, February 18, 2009

Complete DHS Daily Report for February 18, 2009

Daily Report


 According to the Associated Press, authorities said an explosion at the Merit Energy facility in Manistee County, Michigan on Friday injured one worker and caused a release of poisonous hydrogen sulfide gas. (See item 4)

4. February 14, Associated Press – (Michigan) Explosion causes gas leak in Manistee County. Authorities said an explosion at an energy plant in Manistee, Michigan has injured one worker and caused a release of poisonous hydrogen sulfide gas. The Ludington Daily News reported the explosion happened about 3 p.m. Friday. A Manistee County administrator said a plant employee was taken to the hospital for treatment of minor burns. State Police said people living within a 1-mile radius of the Manistee Township plant initially were advised to stay in their homes and seal doors and windows. The gas leak was reportedly stopped late Friday afternoon and police said the incident was declared over by 5:15 p.m. The Merit Energy facility processes natural gas from wells in Manistee, Mason, and Oceana counties, including wells that contain high concentrations of hydrogen sulfide. Source:

 Gannett New Jersey reports that the discovery of a powdery substance in a letter sent to Bayer Health Care Pharmaceuticals in Morris County, New Jersey on Monday triggered an evacuation of the Bayer facilities and the decontamination of eight workers who were exposed to the letter. (See item 21)

21. February 17, Gannett New Jersey – (New Jersey) Powdery substance forces evacuation at NJ-based Bayer Pharmaceuticals. The discovery of a powdery substance in a letter sent to Bayer Health Care Pharmaceuticals in Pine Brook triggered an evacuation of the Bayer facilities on February 16 and the decontamination of eight workers who were exposed to the letter, authorities said. Local, county, and federal authorities converged at the facility after receiving a call about the letter at 10:39 a.m., said a spokesman for the Morris County Prosecutor. Members of the Morris County Prosecutor’s Weapons of Mass Destruction Assessment team, the Morris County Sheriff’s CIS, Morris County Haz-Mat, Montville police, fire, and health departments, and U.S. postal inspectors all responded to the scene, the spokesman said. The eight Bayer employees who were exposed to the letter were decontaminated as a precautionary measure. None of the Bayer employees were injured or transported to the hospital. The Morris County Prosecutor said authorities contacted the FBI, and the substance will be transported to the Department of Health’s Senior Services Laboratory for further testing on February 17. Authorities declined to comment on the possible origin and nature of the letter, citing the ongoing investigation. Source:


Banking and Finance Sector

14. February 16, WLNS 16 Lansing – (Michigan) Local credit union warns about scam. The MSU Federal Credit Union was the recent target of a text messaging scam. A text message sent to members claimed the recipient’s account had been locked and gave a phone number the member should call to restore their account. That number has now been disconnected, and a credit union spokesman says that no account information was compromised. A spokesman for MSU Federal Credit Union said, “MSU Federal Credit Union would never request personal information via email, phone or a text message. We just do not do that. We do not need that information. We have it.” Credit union officials say anyone receiving a suspicious message should contact the credit union directly. Source:

15. February 14, Bloomberg – (National) Four more U.S. banks are shut, bringing total for year to 13. Banks in Florida, Illinois, Nebraska and Oregon were shut by state regulators, boosting the toll of failed institutions to 13, as a worsening economy and slumping housing market pushes home foreclosures to records. Riverside Bank of the Gulf Coast in Cape Coral, Florida; Sherman County Bank in Loup City, Nebraska; Corn Belt Bank and Trust Co. of Pittsfield, Illinois; and Pinnacle Bank of Beaverton, Oregon were closed by state regulators on February 13. The Federal Deposit Insurance Corp. (FDIC) was named receiver. TIB Bank of Naples, Florida will buy Riverside’s $424 million in deposits, except $142.6 million in brokered deposits, for a 1.3 percent premium. Heritage Bank of Wood River, Nebraska will pay a 6 percent premium for Sherman County’s $85.1 million in deposits. Carlinville National Bank of Carlinville, Illinois will assume Corn Belt’s $234.4 million deposits for a 1.75 percent premium. Washington Trust Bank of Spokane, Washington assumed Pinnacle’s $64 million of deposits, the FDIC said. Source:

Information Technology

37. February 16, Times South Africa – (International) PC virus invades Germany. A computer virus which has already hit defense computers in Britain and France has spread to German military systems, the Defense Ministry in Berlin said on February 14. The Conficker computer worm has exasperated computer users right around the globe in recent weeks, but security-conscious military users had been thought to be better prepared to repel it. The spokesman said several German armed forces sites had to be disconnected from the military network after hundreds of computers were taken over by Conficker. However, no other disruptions were reported. He said army computer recovery specialists and a private company were ridding the computers of the virus. France suffered a military outage from the worm in mid-January. Britain’s Defense Ministry has also admitted problems with it. Microsoft has posted a reward of $250,000 for the capture of the person who spread the virus, which takes over Windows operating systems, attempts to crack passwords and downloads malware from the Internet. Source:

38. February 16, The Register – (International) Hackers: BitDefender site exposes private data (yet again). Romanian hackers have discovered a security flaw in the Web site of anti-virus provider BitDefender. They said it was the second time in a week the company has inadvertently exposed a database that is supposed to remain private. According to an item posted to HackersBlog, BitDefender’s main Web site can be tricked into disclosing database contents by embedding commands into the URL. “This parameter gives access to the DB,” a hacker reported. “I will not publish too much now as I am waiting for the problem to be solved.” The hacker went on to say he had reported the vulnerability to the site’s Web master but had received no reply. “Therefore, knowing they read our articles, I will let them know here that they have a vulnerable parameter,” he wrote. A BitDefender spokesman confirmed the site had an unchecked parameter that was fixed on February 14. But he denied the flaw exposed any private information or resulted in an SQL injection. The week of February 9-13, HackersBlog reported a separate vulnerability in, the authorized seller of BitDefender software for Portuguese-speaking customers. It had the potential to expose names and email addresses of people who used the site. The company has yet to say whether any such information was accessed. Source:

Communications Sector

39. February 16, WTVY 4 Dothan – (Alabama) Wireless providers limit 911 ability. A state report says two wireless providers are not providing local first responders with enough data to locate someone in an emergency. The board had questioned whether issues with the system were with e-911 workers and equipment, or with service providers. “Phase 2” compliance allows a 911 operator to immediately locate a caller who is calling from a cell phone. All carriers except Verizon and T-mobile were fully functional as of this week. On February 16, an individual with the wireless board explained the situation to e-911 board members. “That is an issue with the wireless providers; both providers are people who I believe that once we make a few phone calls it will be resolved in a short time.” Source: