Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, March 11, 2009

Complete DHS Daily Report for March 11, 2009

Daily Report


 According to the Burlington Free Press, Noble Environmental Power’s Altona, New York wind farm was shut down on March 6 after a wind-tower collapsed, sparking a fire. (See item 3)

3. March 10, Burlington Free Press – (New York) Tower collapse closes wind farm. Noble Environmental Power’s Altona, New York wind farm was shut down on March 6 after a wind-tower collapsed, sparking a fire. “We have shut down the entire Noble Altona Windpark pending further information,” the Essex, Connecticut-based company said. A company spokeswoman provided few additional details on March 9 and said more information would be relayed in future written statements. After the collapse of one tower, the site was secured, the fire was extinguished, no employees were injured, and there has been no danger to the public, the company said. The assistant director of the Clinton County Office of Emergency Services said the incident occurred at about 11 a.m. on March 6. “They are certainly investigating to make sure there wouldn’t be another collapse,” he said. “But they certainly have to do a lot more investigating to figure out why it did collapse.” Source:

 The Associated Press reports that 11 major airports are struggling to meet federal requirements that runways be surrounded by safety areas that give runaway planes extra room to stop, according to a new report from the Transportation Department’s Inspector General. (See item 12)

12. March 10, Associated Press – (National) Runway safety improvements lag at busy airports. Eleven major airports are struggling to meet federal requirements that runways be surrounded by safety areas that give runaway planes extra room to stop, according to a new report from the Transportation Department’s Inspector General. The airports account for nearly one quarter of the nation’s air passenger travel. All the airports have been working for years to come up with solutions, but often there is no place to send runaway planes because the airports are hemmed in by highways, water, buildings or other obstructions. Between 1997 and 2007, 75 aircraft overran or veered off runways, resulting in nearly 200 injuries and 12 deaths, the report said. The Federal Aviation Administration has allowed some airports that do not have enough room for full-size safety areas to install crunchable concrete beds called “engineered material arresting systems” at the ends of runways. The beds are designed to stop or slow planes, not unlike the way gravel-covered ramps on highways stop runaway trucks. Source: See also:


Banking and Finance Sector

10. March 10, Pittsburgh Tribune-Review – (Pennsylvania) Police in Butler County issue warning against phone scam. State police issued a warning on March 9 about a phone scam after several residents in Butler County received phone calls in recent days from an agency identifying itself as Farmer’s National Bank and asking for personal information such as bank account and credit card numbers. The callers identify themselves as Farmer’s National Bank representatives and say there is trouble with the accounts of those who receive the calls. Troopers said the scam is being operated by unknown persons utilizing an automated phone system to fish for information about an individual’s bank accounts. Police advise anyone who receives such a call to hang up and to monitor their bank and credit card accounts. Source:

11. March 9, Agence France-Presse (International) Bomb explodes outside Citibank branch in Athens. A bomb exploded outside a Citibank branch north of Athens early on March 9, causing significant damage but no apparent injuries, Greek police said. The bomb had been placed behind the bank in the suburb of Psychiko. Two cars were also damaged in the blast, a police source said. The 3:00 a.m. explosion was triggered by wire, police said. A month ago police defused a powerful car bomb outside the bank’s Athens headquarters in the district of Kifissia, a few miles away from the branch targeted on March 9. The bomb, consisting of two clocks, batteries and fertilizer-based explosives packed in five gas cylinders, was hidden in the car trunk and could have taken out the building had it detonated, police said. No arrests were made over that attack but police suspect the involvement of Revolutionary Struggle, Greece’s most dangerous far-left organization that is best known for a rocket attack on the American embassy in 2007. Source:

Information Technology

31. March 9, Computerworld – (International) Foxit PDF viewer open to attack, say researchers. Security researchers on March 9 warned of several vulnerabilities in Foxit, a free PDF document viewer that has been recommended as an alternative to Adobe Reader, which currently contains an unpatched critical bug of its own. Foxit Software Co. patched its namesake on March 9 to plug three holes. One of the three vulnerabilities is in the same JBIG2 image compression format fingered by researchers last month as the root of the bug in Adobe System Inc.’s popular Reader and Acrobat applications. The flaw in Adobe’s software, which has been exploited by hackers since at least early January, will not be patched until March 11, according to Adobe’s schedule. The Foxit and Adobe bugs are unrelated, however, except for the fact that they are both in the code that parses JBIG2 images, said the chief technology officer at Secunia, the Danish company that reported the flaw to Foxit. “It is a completely different vulnerability related to JBIG2,” he said in an e-mail on March 9. It was Adobe’s confirmation of its bug that prompted Secunia researchers to dig into other PDF viewers. “We did, however, start the research in Foxit out of curiosity based on the Adobe vulnerability, and discovered this new vulnerability,” the chief technology officer said. Secunia reported the bug to Foxit on February 27. The remaining two bugs in Foxit were reported February 18 by Core Security Technologies, a developer of penetration testing software. One of the vulnerabilities can trigger a buffer overflow, while the other could be used by attackers to circumvent security warnings. Source:

32. March 9, DarkReading – (International) No user action required in newly discovered PDF attack. Merely storing, without opening, a malicious PDF file can trigger an attack that exploits the new, unpatched zero-day flaw in Adobe Reader, a researcher has discovered. A researcher and IT security consultant with Contrast Europe NV on March 9 released a proof-of-concept demonstration that shows how a file infected with the Adobe flaw can trigger a new attack when the machine uses Windows Indexing Services. And the user does not even have to open or select the document. In addition, the researcher last week released a proof-of-concept demonstrating how PDF files could be exploited with minimal user interaction, just saving it to the hard drive and viewing it in Windows Explorer. But this latest attack vector is more risky, he says, because the user does not have to do anything with the file at all. “It requires no user interaction, and for the Windows Indexing Service, it can lead to total system compromise [with] privilege escalation,” the researcher says. Source:;jsessionid=VN5UHGATDKTMQQSNDLRSKH0CJUNN2JVN?articleID=215801319

Communications Sector

33. March 9, Associated Press – (International) Iridium replaces satellite smashed in collision. Iridium Satellite LLC said on March 9 that it has moved a spare satellite into the orbit of the one that was destroyed in a collision with a Russian satellite a month ago. The high-speed crash with the decommissioned Russian military communications satellite on February 9 turned both spacecraft into clouds of debris. Soon after, Iridium, which is based in Bethesda, Maryland, said it had reconfigured its remaining 65 active satellites to cover the hole in worldwide satellite-phone coverage left by the crash. On March 9, it said it had permanently closed the gap with a spare that was already in orbit, bringing its fleet back to 66 active satellites. Iridium said it believes the incident has demonstrated the need for more “aggressive action” to track satellites and prevent collisions. It suggested expanded sharing of information between the industry and the U.S. government, which could relieve the Air Force of the need to track commercial satellites. Source: