Department of Homeland Security Daily Open Source Infrastructure Report

Friday, March 6, 2009

Complete DHS Daily Report for March 6, 2009

Daily Report


 The Rome News-Tribune reports that about 100 police officers responded to a spill of hydrochloric acid at a steel wire manufacturer in Rome, Georgia on Wednesday. The spill occurred when the steel frame of an 8,000-gallon tank broke. (See item 5)

5. March 4, Rome News-Tribune – (Georgia) Industrial chemical spill leads to evacuations, road closings; several treated. About 100 police officers responded to a spill of hydrochloric acid at Bekaert in Rome on Wednesday, said the Rome Police chief. At a press conference, emergency officials said the spill occurred when the steel frame of an 8,000-gallon tank broke. The spill was contained to a retaining wall around the tank, according to the plant manager. Several people were treated for inhalation injuries, including 16 at local hospitals and four at a triage center at the Gilbreath Recreation Center in Lindale, said a spokesman of Floyd EMS. Red Cross volunteers have been sent to provide food and drinks for evacuees and emergency personnel. Police radio traffic indicated the spill was hydrochloric acid. Police officers responded to the spill just eight minutes after it occurred, officials said. A perimeter was immediately set up around the area, and in addition to responding to the spill, law enforcement focused on managing traffic and getting people out and around the area. Bekaert manufactures drawn steel wire products. Source:

 According to the Houston Chronicle, a King Fisher Marine Service LP employee was killed Tuesday as he and crewmembers were moving a dredge in the Houston Ship Channel. (See item 15)

15. March 3, Houston Chronicle – (Texas) Worker dies in dredge accident on Houston Ship Channel. A King Fisher Marine Service LP employee was killed Tuesday as he and crewmembers were moving a dredge in the Houston Ship Channel, a company spokesman said. The King Fisher dredge, which works to deepen the ship channel, was being moved to a new job site when an accident with machinery aboard the dredge occurred. “We are conducting an investigation,” the spokesman said. Initial reports from the Harris County Sheriff’s Office indicated a crane aboard the dredge had struck the employee. But there is no crane aboard the dredge, according to company officials. The accident occurred at about 11 a.m. near the San Jacinto Monument. The crewman, whose name is being withheld until his family can be notified, died at the scene, officials said. The U.S. Coast Guard and the U.S. Occupational Safety and Health Administration were notified about the accident. Source:


Banking and Finance Sector

10. March 4, Reuters – (National) UBS refuses to give U.S. names, replaces chairman. Switzerland’s largest bank held its ground on March 4 in a dispute with the U.S. government, refusing to disclose the names of tens of thousands of rich American clients suspected by U.S. authorities of using secret Swiss bank accounts to dodge U.S. taxes. A senior executive for UBS AG said at a Senate hearing that the bank regrets breaking U.S. tax laws, but it does not intend to hand over the client names being sought in a U.S. Internal Revenue Service lawsuit. “UBS has now complied…to the fullest extent possible without subjecting its employees to criminal prosecution in Switzerland,” said the chief financial officer of UBS Global Wealth Management and Swiss Bank. The hearing convened hours after UBS announced that Swiss politician will replace the current chairman, completing a top management clearout designed to drag the beleaguered bank out of its deepest ever crisis. Source:

Information Technology

31. March 5, Associated Press – (International) Hacker gets 4 years in prison over malware install. A Los Angeles computer security consultant has been sentenced to four years in federal prison for using malicious software that turned thousands of computers into “zombies” so he could steal private information. Prosecutors say the 27-year-old was sentenced on March 4 after pleading guilty last April to computer fraud. Prosecutors say the defendant and his associates created “botnets,” armies of infected computers, to steal individuals’ identities by extracting information from their personal computers. The defendant also worked as a consultant with a Dutch Internet advertising company to defraud it with his botnets. He was ordered to pay $19,000 in restitution to PayPal and other companies. Source:

32. March 4, DarkReading – (International) ‘Tigger’ trojan keeps security researchers hopping. It is malware that actually removes other malware from its victims’ PCs. And so far, nobody is exactly sure how it is being distributed. Security experts are buzzing about a new Trojan called Tigger.A, also known as Syzor. The data-stealing malware has quietly claimed about 250,000 victims since it was first spotted by security intelligence company iDefense in November 2008, according to a Washington Post report. Tigger.A allows attackers to gain access to “administrator” privileges on Windows machines, even if the user himself doesn’t have those privileges, according to the report. It takes advantage of a vulnerability (MS08-066) in Windows’ “privilege escalation” feature that Microsoft revealed, and patched, in October. “Tigger removes a long list of other malicious software titles, including the malware most commonly associated with Antivirus 2009 and other rogue security software titles,” the report says. “iDefense analysts say this is most likely done because the in-your-face, “Hey, your-computer-is-infected-go-buy-our-software!” type alerts generated by such programs just might tip off the victim that something is wrong with his system, and potentially lead to all invaders getting booted from the host PC.” The Trojan also installs a rootkit on the infected system that loads even when the system is started up in safe mode, an iDefense researcher says in the report. “The scary part is, none of us are really sure how Tigger is even being distributed,” he said. “I look at a lot at info-stealing malware, and this is the first one I’ve seen in a while that goes to the trouble of removing other pieces of malware.” Tigger’s ability to collect user data also is impressive, an IT expert noted in his blog. Source:

33. March 4, CNET News – (International) Firefox 3.0.7 targets security issues. Mozilla on March 4 released an update to the Firefox Web browser that its developers said fixes eight security issues found in Firefox 3.0.6, six of which were rated critical. The most serious of the vulnerabilities fixed in version 3.0.7 could allow attackers to run arbitrary code on a victim’s computer, Mozilla warned in security advisories on March 4. The six critical flaws affect the browser’s garbage collection, which monitors how Firefox modules use the computer’s memory, as well as the browser’s PNG libraries and in the layout and JavaScript engines. Mozilla developers said they weren’t sure the layout and JavaScript flaws could be exploited. “Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code,” Mozilla said in an advisory. Source:

Communications Sector

34. March 3, CNET News – (New Jersey) Comcast runs trial Wi-Fi service at NJ transit stations. In an effort to keep/acquire new broadband customers, Comcast is testing Wi-Fi service at about 120 New Jersey Transit rail stations, according to DSLReports. The trial is for existing customers only and is designed to gauge user interest, a spokeswoman said, adding that no formal announcement of the service has been made. The move comes after Cablevision launched its Optimum Wi-Fi program throughout the tristate area last fall. The two companies are collaborating to extend the reach of their wireless networks, enabling Comcast customers to access their operator’s Wi-Fi at train stations in Cablevision territory and vice versa. Although the two companies worked together on technical tests, the Comcast and Cablevision services in New Jersey will remain entirely separate, though there will apparently be some gear cohabitation. Source: