Department of Homeland Security Daily Open Source Infrastructure Report

Friday, February 20, 2009

Complete DHS Daily Report for February 20, 2009

Daily Report


 WHNS 21 Greenville and Associated Press report that the Aiken Chemical Company in Greer, South Carolina was evacuated on Wednesday when a carbon monoxide buildup sent 12 people to area hospitals, firefighters said. (See item 8)

8. February 19, WHNS 21 Greenville and Associated Press – (South Carolina) Carbon monoxide buildup sends 12 to hospital. A company in Greer was evacuated on February 18 when a carbon monoxide buildup sent 12 people to area hospitals, firefighters said. The incident occurred at Aiken Chemical Company just before 5 p.m. Firefighters said the plant was running normally when four people passed out in the production area of the facility. They said crews responded and evacuated the plant. The Pelham-Batesville fire chief said preliminary tests seem to indicate that carbon monoxide was present inside the plant. They said forklifts being operated inside the plant may have been the cause of the gas. Hazmat teams from both Spartanburg and Greenville responded to the scene. A decontamination area was also set up for those evacuating the company. Firefighters said East Phillips Street, Shelter Drive, and Shelter Court were closed during the investigation. Source:

 According to USA Today, federal records show that reported cyberattacks on U.S. government computer networks climbed 40 percent during 2008, and more infiltrators are trying to plant malicious software they could use to control or steal sensitive data. (See item 35)

35. February 19, USA Today – (National) Reported raids on federal computer data soar. Reported cyberattacks on U.S. government computer networks climbed 40 percent during 2008, federal records show, and more infiltrators are trying to plant malicious software they could use to control or steal sensitive data. Federally tracked accounts of unauthorized access to government computers and installations of hostile programs rose from a combined 3,928 incidents in 2007 to 5,488 in 2008, based on data provided to USA Today by the U.S. Computer Emergency Readiness Team (US-CERT). “Government systems are under constant attack,” says the counterintelligence chief in the Office of the Director of National Intelligence. “We’re seeing … a dramatic, consistent increase in cyber crime and intelligence activities.” The government does not publicly detail the number or types of attacks that succeed. A commission of government officials and private experts reported in December 2008 that the departments of Defense, State, Homeland Security, and Commerce all have suffered “major intrusions” in which sensitive data were stolen or compromised. Source:


Banking and Finance Sector

16. February 19, SPAMfighter News – (International) Phishers divert targets to hotel websites from banks & ecommerce outlets. According to a team of security experts at FraudTip, phishers have added a new attack in their kitty to deceive hotel customers instead of targeting banking sites. The security company in its report revealed that people wanted to book rooms online at several hotel chains were more vulnerable to be redirected to bogus Web sites resembling almost to the originals. The report also highlighted that the scam was targeted against a large number of hotel chains. Over 71,000 travelers are redirected to bogus Web sites every month, said FraudTip. Moreover, the report findings were released on February 6 and showed that online scams combined with advanced online advertising, Internet browser crimeware, bogus hotel locators, and third party reservation used to divert hotel guest traffic to fake Web sites of well-known hotel chains. The scam hit hardest to Days Inn, Super 8 Motels, and Ramada operated by Wyndham Worldwide, the world’s largest hotel chain located in Parsippany, New Jersey. More than 50,000 tourists trying to book rooms in these hotels are diverted to bogus sites every month. Besides Wyndham Worldwide, nearly 15,862 prospective guests of Comfort Inn controlled by Choice Hotels International situated in Silver Spring, Maryland are redirected to fake Web sites. Chicago-based Hyatt Hotels have become victim of the same scam.


17. February 19, Bloomberg – (National) UBS will disclose names, pay $780 million to U.S. UBS AG, Switzerland’s largest bank, will pay $780 million and disclose the names of some secret account holders to avoid U.S. prosecution on a charge that it helped thousands of wealthy Americans evade taxes. The Justice Department accused UBS of conspiring to defraud the United States by helping 17,000 Americans hide accounts from the Internal Revenue Service. The U.S. will drop the charge in 18 months if the bank reforms its practices, helps prosecutors, and makes payments. UBS will immediately turn over names of about 250 clients, according to people familiar with the matter. By gaining those names, the United States will pierce the veil of Swiss bank secrecy. The IRS, which has sought the names of all U.S. account holders since July, has met resistance from the Swiss government. The final number of account holders Zurich-based UBS must disclose will hinge on future legal battles, according to the agreement. “UBS sincerely regrets the compliance failures,” a chairman said in a statement after the accord was unsealed on February 18 in federal court in Fort Lauderdale, Florida. “Client confidentiality, to which UBS remains committed, was never designed to protect fraudulent acts or the identity of those clients, who, with the active assistance of bank personnel, misused the confidentiality protections.” Source:

18. February 19, Bloomberg – (National) U.S. forced to offer discounts to lure buyers of failed banks. U.S. regulators are being forced to sell the assets of failed banks at a discount to lure buyers spooked by the likelihood of increased loan losses amid a deepening recession. The assets of four banks have been sold to healthier rivals at a combined discount of $107 million this year, the Federal Deposit Insurance Corp. (FDIC) said. The FDIC had to offer a discount just once in 2008, when it engineered 25 bank takeovers. Buyers for banks are in short supply after last year, when regulators closed the most lenders since 50 were shuttered in 1993. A RBC Capital Markets analyst predicts as many as 1,000 more will collapse within five years. The result may be a buyer’s market in which the FDIC will lay out even bigger sums to get rid of seized banks. “There are situations where the government will write you a check to complete a deal,” said the president of closely held Washington Trust Bank. “There is always value in there if you are willing to go in and work for it.” Source:

Information Technology

40. February 18, Computerworld – (International) Researchers detail Intel TXT hacks at Black Hat. Two security researchers fleshed out details on February 18 at the Black Hat conference in Washington of a method they disclosed earlier this year for circumventing Intel Corporation’s new Trusted Execution Technology (TXT) security software. The two-stage attack against TXT (PDF document), which is designed to protect data on PCs, was disclosed in January by two individuals of security research firm Invisible Things Lab in Poland. When first disclosed, they said they had discovered a design flaw in TXT and certain implementation errors in some associated Intel system software that allowed them to bypass any of TXT’s security protections. They also released proof-of-concept code showing how an attacker could use their method to compromise Intel’s implementation of the trusted boot process for Xen and Linux operating systems. In their presentation at the Black Hat hacker conference on February 18, the researchers offered more details on their attack method. They also noted that patching BIOS software would address the system software vulnerabilities, but they added that no easy measure was currently available for tackling the TXT problem. Intel confirmed the problem, which affects mobile, desktop, and server motherboards, “without providing any more details about which exact models are vulnerable,” the researches wrote in their presentation. “We suspect it might affect all recent Intel motherboards and BIOSes.” Intel’s TXT, previously code-named LaGrande, is a relatively new technology designed to provide a trusted way for loading and launching system software such as an operating system kernel or a Virtualization Machine Monitor on a system. The technology is expected to greatly reduce the risk of software being compromised by system-level malware threats such as rootkits. Source:

41. February 18, DarkReading – (National) Black Hat DC: U.S. must consider impact of ‘militarization’ of cyberspace. The United States is unprepared to respond to a cyber-Katrina or cyberwarfare attack and must consider three hot-button issues as the new Administration formulates its cybersecurity strategy: the role of the intelligence community, cyberweapons deployment, and who should be in charge of the nation’s response to a cyberattack, said a cybersecurity and homeland security expert on February 18 during his keynote address at the Black Hat DC conference. The expert, who worked on the U.S. President’s transition team but is not part of the new Administration, had been mentioned as a front-runner for a possible cybersecurity czar position in the Administration. The expert emphasized that he was not speaking on behalf of the Administration, and he would not discuss what recommendations he has given the U.S. President and his team. “Who is in charge [in the event of] a cyber-Katrina?” said the expert, who served on homeland security councils for both previous Administrations and is now a security consultant with Good Harbor. “Is it the FCC? DHS? Commerce? The White House? No one has an answer to that, and that’s pretty darn scary.” As the new Administration fleshes out its policies for cybersecurity, the industry should consider a topic that historically has been “a little taboo.” he says: “The militarization of cyberspace.” The Administration is currently conducting a 60-day review of the nation’s cybersecurity. Source:

Communications Sector

42. February 19, VSAT News – (International) NSSL and Telemar join forces on maritime broadband. NSSL and Telemar Scandinavia have announced a joint partnership for their Maritime Broadband Services, with NSSL’s Cruise IP and Telemar’s Seacall services now both using the same high-quality DVBS2-RCS broadband platform. The two companies have also jointly launched a new DVBS2-RCS Service at the Nittedal Land Earth Station in Norway and integrated it into their existing DVBS2 networks, extending coverage for both NSSL and Telemar Maritime and Land Customers. In conjunction with this, NSSL and Telemar have also taken over the existing DVB-RCS customers from Vizada. By extending the DVBS2-RCS network, NSSL and Telemar now offers one of the world’s most extensive KU maritime broadband coverage areas, providing seamless service across the Pacific, Mediterranean, Caribbean, all Europe and the Middle East, including the Persian Gulf, and the Red Sea. This means that Cruise IP and Seacall vessels are able to easily move between the ocean regions whilst using the same service levels, pricing, and full end-to-end 24/7 guaranteed technical support. Source:

43. February 18, Marketing Daily – (International) Mobile data services on verge of explosion. Like the cell phones that preceded it, mobile data services, in particular mobile Internet, are becoming less luxury and more necessity among U.S. consumers. And the expanded use of those services (also including mobile email, multimedia messaging and photo uploading) could explode in the next two years. According to a survey by Nielsen Company on behalf of Tellabs, 71 percent of U.S. consumers plan to use some sort of mobile data service daily (the company did not have current daily usage information). Among current mobile Internet users, 55 percent planned to increase their usage of mobile data services in the next two years, and 48 percent planned to increase use over the next year. Among non-users, 29 percent planned to start during that same period. “The mobile platform is becoming more and more a part of people’s lives,” the vice president of mobile media for Nielsen told Marketing Daily. “The primary use of these services is communication and convenience.” For the most part, consumers are using mobile data for utilitarian reasons rather than entertainment, the vice president said. According to the survey, 71 percent of current users are using data services to connect to the Internet, 61 percent are using it for email, and 56 percent are using it for multimedia messaging services. Among non-users, nearly half (49 percent) said they anticipated using mobile Internet services, 38 percent said they expected to use multimedia messaging. Thirty-four percent said they would use it to upload photos, and 28 percent said they planned to use mobile email. Source:

44. February 18, United Press International – (International) Satellite traffic control system urged. The recent collision of U.S. and Russian satellites has prompted the call for creation of an International Civil Space Situational Awareness system. A consultant for the Secure World Foundation in Superior, Colorado proposed the concept on February 17 in Vienna during a meeting of a subcommittee of the U.N. Committee on the Peaceful Uses of Outer Space. The consultant said the collision produced an enormous amount of orbiting debris that is threatening spacecraft launched by several nations. “The owner or operator of a particular satellite usually has excellent knowledge about the position of that satellite in space, but little to no information about the locations of other objects around them,” he told the subcommittee, noting the concept has been a part of military space activities for years, but there is also a need for such a system in the civil world. “Such a network is very expensive to create and maintain, and only the United States has thus far developed one,” the consultant said. “And while the United States’ space surveillance network does provide the most complete SSA data in the world, it still has significant limitations due to the lack of coverage in areas where the United States does not have a presence.” He said such an informational system “could not only mitigate future collisions, but enhance cooperation, transparency and future space governance issues.” Source:{4E92462A-B3D5-489C-9EFC-8F90950720DE}&dist=msr_1