Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, February 24, 2009

Complete DHS Daily Report for February 24, 2009

Daily Report


 According to, top NASA managers said that a potentially catastrophic problem with propulsion system flow valves have sidelined Discovery’s STS-119 launch to an unknown date. (See item 7)

7. February 20, – (National) Sense of unease leads to indefinite space shuttle launch delay. Citing a “sense of unease,” top NASA managers said that a potentially catastrophic problem with propulsion system flow valves have sidelined Discovery’s STS-119 launch to an unknown date. NASA’s long-term goal is to redesign the valves, said a Space Shuttle program manager. The potential for valve failures existed long before problems surfaced during Endeavour’s STS-126 launch in November, a fact confirmed by the associate administrator for Space Operations, who said “the problem has been with us from the very first shuttle flight.” During Endeavour’s thunderous ascent, one of the three main engine valves allowed extra volatile hydrogen to flow through the propulsion system. The other two valves compensated and maintained flow at a safe level, but the sudden drop in pressure was alarming. In addition, post-flight inspections showed that metal material was missing from one of the valves. Later analysis also showed that grooves resulting from the manufacturing process could actually hide minute cracks. Upcoming missions could be allowed to fly “as is” if engineers can prove that the valves will perform safely, said the program manager. But that analysis will take an unknown amount of time. Source:

 The Associated Press reports that an improvised chemical bomb set off in front of a Smith’s grocery store in Albuquerque, New Mexico on Friday, injuring 15 people. (See item 34)

34. February 23, Associated Press – (New Mexico) Chemical bombs found at local stores. Over the weekend, the Albuquerque Police Department’s Bomb Squad responded to three bomb calls. At two of the calls, they found chemical bombs. The first one was left in front of a northeast Albuquerque Smith’s on February 20. When the bomb squad arrived, they found the chemical concoction and took it in as evidence, along with two juveniles. The improvised bomb left 15 people injured. The next day, another chemical bomb was found in a Target alleyway on Montgomery and Wyoming. Police were able to take the bomb into evidence before it exploded. It will take a day at the lab to determine if the chemicals inside both bombs are similar. Sunday morning the bomb squad was called out again to Albuquerque Academy, a local school. The security guards on campus spotted a suspicious looking package made of two PVC pipes that was left outside the school’s music department. The package turned out to be a homemade musical instrument. Source:


Banking and Finance Sector

8. February 23, SPAMfighter – (International) Lloyds Banking Group cautions customers against phishing attacks. Lloyds Banking Group (LBG), which came into existence in January 2009 with Lloyds Trustee Savings Bank taking over Halifax Bank of Scotland, apprehends that there could be a wave of phishing attacks aimed at its customers due to the acquisition. Consequently, the bank is alerting its customers as well as asking them to remain vigilant of scammers attempting to trick them into giving away their password and account information through phishing e-mails. Moreover, describing the act of phishing, the bank stated it involves online fraudsters who send e-mails to the bank’s customers, posing as communications from the bank. The e-mails typically ask the recipient to click on a link that actually connects to a phishing site designed to appear like the actual banking site, where the user is prompted to enter his security credentials and account number, eventually leading to a phishing fraud. In addition, the bank provided consumers a clue that could help them identify phishing messages. Since LBG, it said, would never represent a consumer trademark, any e-mail coming under Lloyds’ name would certainly be fake. Furthermore, the bank writes on its Web site that it would not send e-mail to its customers asking them to visit the Web site for providing their online banking particulars. Hence, if any customer gets an e-mail of this kind, he/she should avoid it. Source:

9. February 21, American Free Press – (International) Swiss court blocks bank data sharing with U.S.: report. A Swiss tribunal has barred financial regulators from handing banking information of UBS bank clients to U.S. authorities investigating tax fraud, ATS news agency reported. Siding with a complaint from UBS clients, the tribunal on February 20 issued an order forbidding Swiss bank regulator FINMA from giving the plaintiffs’ “banking documents to third parties, particularly U.S. authorities,” ATS said. The tribunal’s decision came amid U.S. Justice Department efforts to break through Switzerland’s banking secrecy to go after tax cheats hiding their money in the European country. UBS, Switzerland’s biggest bank, reached a settlement with U.S. authorities on February 18 in which it admitted to U.S. tax fraud and agreed to pay $780 million. The bank was also ordered to hand over details of 250 to 300 U.S. clients. But UBS rejected a new U.S. government lawsuit filed February 19 asking that the bank disclose the identities of some 52,000 U.S. customers who allegedly evaded taxes. Source:

10. February 20, CNN Money – (Oregon) Regulators close Oregon’s Silver Falls Bank. U.S. bank regulators closed Silver Falls Bank on February 20, the fourteenth U.S. bank to fail this year. The Federal Deposit Insurance Corp (FDIC) said Silver Falls Bank, of Silverton, Oregon, had $131.4 million in assets and $116.3 million in deposits, as of February 9. In addition to acquiring all of the failed bank’s deposits, Citizens Bank of Corvallis, Oregon agreed to purchase about $13 million in assets comprised of cash, cash equivalents, securities, overdraft loans, and deposit secured loans, the FDIC said. The failure is expected to cost the FDIC deposit insurance fund an estimated $50 million, the FDIC said in a statement released late on February 20. Citizens Bank had agreed to assume all of the deposits of Silver Falls Bank, whose three branches will reopen on February 23 as branches of Citizens Bank, the FDIC said. Source:

Information Technology

30. February 23, BBC News – (International) Warning of infected auction tool. A third-party add-on for eBay used by thousands of sellers is being flagged by Google as potentially malicious, after it became infected with a Trojan. Auctiva provides tools for sellers on the popular auction Web site. The company confirmed a virus had attached itself to files on its servers but remedied the problem soon after. However, Google continues to warn users searching for the site that it “may potentially harm your computer.” The Trojan, called Adclicker, is classed by security specialist Symantec as a “very low risk.” It is designed to “artificially generate traffic to certain web sites” and is used by malicious hackers to boost clicks to online banner adverts or to inflate Web statistics. On its community forum Auctiva said that it had “initiated a request with Google to have our site cleared from being reported as a malicious site.” Google works in partnership with the organization to warn users about potentially malicious Web sites that are infected with viruses and Trojans. More than 186,265 Web sites have been reported to StopBadware for hosting malicious programs or Web scripts, which can damage a computer or, in extreme cases, hijack a machine. Users first flagged the problem with the Auctiva site recently after anti-virus software began to warn there could be a problem with the service. Source:

31. February 21, PC World – (International) Scam antivirus app spreads malware. Web users have been warned about a new scam that posts fake product reviews in a bid to encourage people to buy a rogue security application called Anti-virus-1. The app is one of a number of bogus security products which promise to provide protection against the latest online threats, but instead have been designed to spread malware or hold users’ PCs to ransom. But if a user uses the Internet to research Anti-virus-1, it is possible the user will find a number of glowing reviews, because the tool is posting fake articles online which appear to be endorsed by a number of the Web’s top tech sites, including PC Advisor. In reality, the likelihood of an individual coming across an Anti-virus-1 review is slim. According to the owner of technology site, fake reviews will only be seen by those who install the rogue security app. He said that when he installed Anti-virus-1, which also goes by the name Antivirus2010, it added a series of entries into the Windows hosts file which direct users to what appear to be the Web sites of a number of U.K. and U.S. tech sites. That means those with Anti-virus-1 running on their PC may be directed to bogus reviews. The software has never been tested by PC Advisor, and the fake review is not hosted on the PC Advisor site. Other sites apparently targeted by the scam include PC Magazine and TechRadar. Source:

Communications Sector

32. February 21, – (International) Symbian users lured by ‘Sexy View’ malware. Security experts are warning Symbian users of a new Trojan attack. The China-based ‘Sexy View’ malware has been targeting handsets running the Symbian S60 Third Edition software. Earlier versions of the system are not believed to be vulnerable. The malware spreads via a text message under the headings ‘sexy view’ or ‘play boy,’ according to security firm F-Secure. The attacks target English and Chinese language handsets. Rather than targeting a specific vulnerability in the Symbian software to install itself, Sexy View uses its suggestive name to trick curious users into manually installing the malware. Once installed, the malware attempts to turn off several application management utilities, and then opens a connection to a remote server. From there, user details are collected and archived, and text messages are sent to everyone in the victim’s contact list. “This is something we don’t see very often,” F-Secure said in a security bulletin. “There are spy tools and other privacy threats directed at S60 Third Edition phones, but malware is still mainly an issue on S60 Second Edition phones.” Researchers noted that the malware does not attempt to hide itself, and users can manually remove it through the handset’s App Manager Tool. Sexy View is the latest in what security experts expect will be a growing crop of mobile malware in 2009. Source:

33. February 21, Fort Mill Times – (Idaho) Homeland Security backs Idaho cell phone tower. A proposed cell phone tower on Galena Summit in central Idaho fits with the Department of Homeland Security’s plans to expand a public safety network, an Idaho official with the agency says. The official made his comments February 19 at a U.S. Forest Service public meeting in Ketchum, the Times-News reported. He also passed out a letter sent in December 2008, by the governor, who supports the tower because he said improving emergency communications in the remote but popular recreation region outweighs environmental concerns. Some have argued that the tower will detract from the scenic qualities of the rugged region which includes the Sawtooth National Recreation Area, popular with outdoor enthusiasts. The Forest Service last summer rejected the proposed 90-foot tower designed to look like an evergreen tree that would be built just north of State Route 75, which climbs to 8,701-foot Galena Summit. But last fall a regional official with the Forest Service reversed the decision, saying not enough opportunity for public comment had been allowed. Source: