Department of Homeland Security Daily Open Source Infrastructure Report

Monday, March 23, 2009

Complete DHS Daily Report for March 23, 2009

Daily Report


 According to Reliable Plant Magazine, the Occupational Safety and Health Administration has cited Wyman Gordon Company for 29 alleged serious violations of safety standards at its Grafton, Massachusetts metal forgings manufacturing plant. (See item 7)

7. March 18, Reliable Plant Magazine – (Massachusetts) Massachusetts manufacturer facing $110K OSHA fine. The U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA) has cited Wyman Gordon Company for 29 alleged serious violations of safety standards at its Grafton, Massachusetts manufacturing plant. The metal forgings manufacturer faces $109,500 in proposed fines following two OSHA inspections conducted between September 2008 and March 2009. OSHA issues serious citations when death or serious physical harm is likely to result from hazards about which the employer knew or should have known. The first inspection, conducted under OSHA’s Site-Specific Targeting program, identified damaged support structures for overhead cranes; damaged support frames for large metal dies; slipping and tripping hazards; unguarded floors and platforms; missing access stairs; a damaged access ladder; non-functioning emergency exit lights; an overloaded fork truck; an overloaded lifting attachment; defective wire rope slings; unguarded machinery; improper storage of compressed gas cylinders and several electrical safety deficiencies. OSHA began the second inspection in response to a December 23 accident in which two employees were injured when they were struck by a 700-pound forging that shot up in the air while they were attempting to free it from a malfunctioning die on a power press. OSHA cited Wyman Gordon for not developing procedures to prevent the build-up and release of hazardous energy generated by the press during the servicing. Source:

 WLOX 13 Biloxi reports that the Popp’s Ferry Bridge in Biloxi, Mississippi was struck by a barge on Friday, and a 150 foot section of the bridge is missing. (See item 12)

12. March 20, WLOX 13 Biloxi – (Mississippi) Popp’s Ferry Bridge struck by barge. The Popp’s Ferry Bridge was struck by a barge March 20 around 7:30 a.m., and a 150 foot section of the bridge is missing. There were no injuries. The bridge was in the upright position, open for a group of eight barges to pass through. Eyewitnesses said the tug boat moving the barges was moving toward the south side of the draw, instead of moving through the middle. One of the eight barges is underwater, and another was taking on water. The barge was carrying gravel or limestone when it slammed into the bridge. At a news conference on March 20, investigators said that strong northerly winds and a strong current may have contributed to the accident, forcing the barges off course. A portion of the bridge fell into the water, and several pilings on the south side of the bridge are also cracked. Source:


Banking and Finance Sector

10. March 19, Cleveland Daily Banner – (Tennessee) Police warn residents of scam phone calls. The Bradley County Sheriff’s Office is advising residents to be aware of a telephone scam where the caller is claiming to be associated with the Tennessee Valley Authority Credit Union. According to reports, multiple residents filed miscellaneous reports with the sheriff’s office after receiving suspicious phone calls requesting debit card information on March 15. The suspicious caller is reportedly telling residents their TVA Credit Union debit cards have either been canceled or invalidated. The caller then provides residents instructions to use their telephone keypad to enter their debit card number and debit card information in order to reactivate their card. According to the incident reports on file at the sheriff’s office, the alleged caller made the phone calls from 8:28 p.m. to 8:57 p.m. on March 15. Reports indicated the phone calls were made from a telephone number with a 704 area code and a prefix of 771. Source:

11. March 19, Computerworld – (National) Post-breach criticism of PCI security standard misplaced, Visa exec says. Visa Inc.’s top risk management executive dismissed what she described as “recent rumblings” about the possible demise of the PCI data security rules as “premature” and “dangerous” to long-term efforts to ensure that credit and debit card data is secure. Speaking at Visa’s Global Security Summit in Washington, the credit card company’s chief enterprise risk officer insisted that despite recent data breaches at two payment processors, the Payment Card Industry Data Security Standard (PCI DSS) “remains an effective security tool when implemented properly.” The officer added that breaches such as the ones at Heartland Payment Systems Inc. and RBS WorldPay Inc. were shaping public opinion and obscuring what otherwise has been “substantial progress” on the security front over the past year. “I am sure that everyone in this room has read the headlines questioning how an event of this magnitude could still happen even now,” the officer said, referring to the Heartland breach. “The fact is, it never should have,” and indeed would not have if Heartland had been vigilant about maintaining its PCI compliance, according to the officer. “As we have said before,” she continued, “no compromised entity has yet been found to be in compliance with PCI DSS at the time of a breach.” Pointing to Visa’s recent decision to remove both of the breached payment processors from its list of PCI-compliant service providers, the officer said that Heartland would face fines and probationary terms that were proportionate to the still-undisclosed magnitude of the breach. “While this situation is unfortunate, it does not make me question the tools we have at our disposal,” she said of the PCI rules. Source:

Information Technology

38. March 20, IDG News Service – (International) A search is launched for Conficker’s first victim. Where did the Conficker worm come from? Researchers at the University of Michigan are trying to find out, using a vast network of Internet sensors to track down the so-called “patient zero” of an outbreak that has infected more than 10 million computers to date. The university uses so-called Darknet sensors that were set up about six years ago to keep track of malicious activity. With funding from the U.S. Department of Homeland Security, computer scientists have banded together to share data collected from sensors around the world. ”The goal is to get close enough so you can actually start mapping out how the spread started,” said a University of Michigan graduate student who is working on the project. But that is not an easy job. To find the minuscule clues that will identify the victim, researchers must sift through more than 50 terabytes of data to find the telltale signatures of a Conficker scan. One of the ways that Conficker moves about is by scanning the network for other vulnerable computers, but it can be very difficult to spot it for certain, the graduate student said. “The hard thing is to find the exact Conficker scanning activity, because there is a lot of other scanning going on,” he said. Source:

39. March 19, IDG News Service – (International) Expert: Hackers penetrating industrial control systems. The networks powering industrial control systems have been breached more than 125 times in the past decade, with one resulting in U.S. deaths, a control systems expert said on March 19. The managing partner of control systems security consultancy Applied Control Solutions, did not detail the breach that caused deaths during his testimony before a U.S. Senate committee, but he said he has been able to find evidence of more than 125 control systems breaches involving systems in nuclear power plants, hydroelectric plants, water utilities, the oil industry, and agribusiness. “The impacts have ranged from trivial to significant environmental damage to significant equipment damage to deaths,” he told the Senate Commerce, Science and Transportation Committee. “We have already had a cyber incident in the United States that has killed people.” At other times, the managing partner has talked about a June 1999 gasoline pipeline rupture near Bellingham, Washington. That rupture spilled more than 200,000 gallons of gasoline into two creeks, which ignited and killed three people. Investigators found several problems that contributed to the rupture, but the managing partner has identified a computer failure in the pipeline’s central control room as part of the problem. It could take the United States a long time to dig out from coordinated attacks on infrastructure using control systems, the managing partner told the Senators. Damaged equipment could take several weeks to replace, he said. A coordinated attack “could be devastating to the U.S. economy and security,” he said. “We are talking months to recover. We are not talking days.” The industrial control system industry is years behind the IT industry in protecting cybersecurity, and some of the techniques used in IT security would damage control systems, the managing partner added. “If you penetration-test a legacy industrial control system, you will shut it down or kill it,” he said. “You will be your own hacker.” Source:

Communications Sector

40. March 20, KRIS 6 Corpus Christi – (Texas) Underground communications lines damaged around site of roadwork. The City of Corpus Christi Traffic Engineering Services Department advises residents and businesses around Greenwood Drive that the contractor working on road improvements along a stretch of Greenwood has damaged two AT&T underground communications lines. Officials say the lines were struck around 3 p.m. March 19 as crews were working on Greenwood between Trojan Drive and West Point Road. Officials also say it is not yet known to what extent the lines were damaged, but that telephone service to some residences and businesses in the area may have been interrupted. AT&T crews are on their way to the site and will begin making repairs as soon as they arrive. Source: