Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, March 5, 2009

Complete DHS Daily Report for March 5, 2009

Daily Report


 WJLA 7 Washington, D.C. reports that investigators said Wednesday a faulty altimeter played an important role in a Turkish Airlines crash that killed 9 people in the Netherlands. Boeing has been instructed to warn clients of the problem. (See item 15)

15. March 4, WJLA 7 Washington, D.C. – (International) Bad altimeter a factor in Netherlands plane crash. Investigators said Wednesday a faulty altimeter played an important role in a Turkish Airlines crash that killed 9 people in the Netherlands. The Dutch Safety Authority said the plane was being landed on automatic pilot and the problem with the altimeter, a device that measures altitude, led to a loss of airspeed before the crash. The chief investigator said the airplane had twice before experienced problems with its altimeter. Boeing has been instructed to warn clients of the problem, he said. At 1950 feet “the airplane’s left radio altimeter suddenly registered a change in altitude” of negative 8 feet. “It didn’t only register it, but passed it on to the automatic steering system,” the investigator said. According to conversation recorded between the plane’s captain, first officer and an extra first officer on the flight, the pilots noticed the faulty altimeter but did not consider it a problem and did not react. Gas to the engines was reduced and the plane lost speed, decelerating until, at a height of 450 feet the plane was about to stall, and warning systems alerted the pilots. “From the “black box” (data recorders) it appears that then the pilots immediately gave gas, full gas, however it was too late to recover,” the investigator said. Source:

 According to the Associated Press, a wildfire has burned 6,500 acres on Fort Carson in Colorado. No structures have been destroyed and no injuries have been reported in the fire, which was 10 percent contained by Tuesday. (See item 28)

28. March 4, Associated Press – (Colorado) Warm, windy weather faces Ft. Carson firefighters. Firefighters are working against warm and windy weather as they battle a wildfire that has already burned 6,500 acres on Fort Carson near Colorado Springs. Temperatures were expected to reach near-record levels in the 70s on March 4. No structures have been destroyed and no injuries have been reported in the fire, which was 10 percent contained by March 3. More than 100 firefighters were on scene. The fire started on the morning of March 3 on a training range that was being used by soldiers. A Fort Carson spokeswoman says the area usually is not used for live-fire training and she did not know whether live ammunition was in use there on March 3. The cause of the fire has not been determined. Source:


Banking and Finance Sector

13. March 4, Bloomberg – (National) FDIC’s Bair says insurance fund could be insolvent this year. The Federal Deposit Insurance Corp. (FDIC) chairman said the deposit insurance fund could dry up amid a surge in bank failures, as she responded to an industry outcry against new fees approved by the agency. “Without these assessments, the deposit insurance fund could become insolvent this year,” the chairman wrote in a March 2 letter to the industry. U.S. community banks plan to flood the FDIC with about 5,000 letters in protest of the fees, according to a trade group. “A large number” of bank failures may occur through 2010 because of “rapidly deteriorating economic conditions,” the chairman said in the letter. “Without substantial amounts of additional assessment revenue in the near future, current projections indicate that the fund balance will approach zero or even become negative.” The FDIC recently approved a one-time “emergency” fee and other assessment increases on the industry to rebuild a fund to repay customers for deposits of as much as $250,000 when a bank fails. The fees, opposed by the industry, may generate $27 billion this year after the fund fell to $18.9 billion in the fourth quarter from $34.6 billion in the previous period, the FDIC said. The fund was drained by 25 bank failures last year. Source:

14. March 4, Financial Times – (National) FDIC braced for surge in mortgage fraud. The Federal Deposit Insurance Corporation (FDIC) is pursuing criminal cases over mortgage fraud involving potential losses of $7.5 billion, and investigating thousands more complaints the agency’s head has revealed. She said on March 3 the FDIC was preparing for a surge in civil cases against mortgage brokers and other third parties that had defrauded lenders that had subsequently failed. It is part of the agency’s remit to manage bank failures and monitor fraud. “Cracking down on mortgage fraud in particular is a safety and soundness issue for both the banking industry and the housing markets,” the agency’s head told the National Association of Attorneys General. “Mortgage fraud is now a very big priority for us.” Source:

Information Technology

34. March 3, MSNBC – (International) Computer alert: New social networking computer worm. A warning has been issued for users of Facebook, MySpace, and other social networking sites about a new strain of the “koobeface” worm. Security experts say the latest version arrives as an invitation from a user’s friend or contact, inviting them to click on a link and view a video at a fake YouTube site and install an Adobe flash plug-in. Instead, the worm installs a trojan horse program, giving control of the infected user’s computer. Trend Micro, which documented the new strain, recommends using caution when clicking on links in unsolicited messages, even if they appear to come from someone a user knows. Source:

35. March 3, DarkReading – (International) Only 1 percent of SSL-Secured sites use extended validation SSL. Two years after its rollout, the more secure Extended Validation Secure Sockets Layer (EV SSL) digital certificate for authenticating Web sites and securing Web sessions is used on more than 11,000 Web sites worldwide. But that is only 1 percent of the 1.03 million sites currently secured with SSL certificates, according to Netcraft. Meanwhile, calls for EV SSL adoption have intensified amid concerns of new man-in-the-middle (MITM) attacks targeting newly discovered weaknesses in SSL, namely the MD5 encryption algorithm hack that allows the creation of forged CA and X.509 digital certificates, and the MITM attack demonstrated at Black Hat DC that basically makes users think they are visiting a secure Web site when they are not. SSL-secured sites with EV SSL display a green address bar when used with the latest versions of most major Web browsers. The green address bar bears the name of the Web site’s organization that owns the certificate, as well as the authority that issued it. EV SSL ensures that the site is legitimate, and that the session is encrypted and secured. According to Netcraft’s latest numbers on EV SSL adoption, today’s main adopters are the world’s most traveled Web sites; more than one-fourth of SSL certificates in the top 1,000 sites use EV SSL. And most of the most popular browsers support it, so more than 70 percent of all Internet users are using EV SSL-ready browsers currently, Netcraft says. Source:

Communications Sector

Nothing to report.