Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, March 24, 2009

Complete DHS Daily Report for March 24, 2009

Daily Report


 The Associated Press reports that the driver of a tractor-trailer carrying 33,000 pounds of corrosive hydrofluoric acid says he swerved to avoid a deer and his rig overturned, prompting a nine-hour evacuation of about 5,000 people in Wind Gap, Pennsylvania on Saturday. (See item 3)

3. March 22, Associated Press – (Pennsylvania) Deer blamed for Pa. crash that prompted evacuation. The driver of a tractor-trailer carrying a hazardous chemical says he swerved to avoid a deer and his rig overturned, prompting a nine-hour evacuation of about 5,000 people in Wind Gap, Pennsylvania. State police in Northampton County say two people were in the Honeywell truck carrying 33,000 pounds of corrosive hydrofluoric acid, a component for household detergents, from Ontario to Philadelphia. The driver was treated at a hospital after the 2:30 a.m. Saturday crash and released. His sleeping co-driver was uninjured. Police say none of the material in the self-contained tank spilled, but a small amount dripped from a vent valve and dispersed in the air. As a precaution, officials ordered an evacuation of 944 households, amounting to about 5,000 people. The truck was eventually loaded onto a flatbed and hauled to Philadelphia to allow offloading of the cargo. Source:

 According to United Press International, a single-engine plane that crashed Sunday near the Butte, Montana airport, killing 14 people, carried too many people and was missing key recorders, federal investigators said Monday. (See item 11)

11. March 23, United Press International – (Montana) NTSB: Plane overloaded, lacked recorders. A plane that crashed near the Butte, Montana airport carried too many people and was missing key recorders, federal investigators said Monday. The Pilatus PC-12, a single-engine turbo prop, was flying from Redlands, California on Sunday to Bozeman, Montana when it crashed just short of the Butte airport, killing 14 people, seven of them children. The flight was diverted to the Butte airport for an unknown reason, ABC News reported. The acting chairman of the National Transportation Safety Board (NTSB) said during a briefing Monday a quick answer was unlikely about why the crash occurred. NTSB personnel said they did not know the reason for the flight, although initial media reports indicated it was a ski trip. The pilot did not make a radio call, and Butte’s airport does not have radar control, which when combined with the lack of a black box and survivors, could make the investigation difficult, officials said. The Pilatus PC-12 was certified to carry 12 people, but federal investigators say there were 14 people on the flight, which had seating for 11. The chairman said the NTSB will have to determine why extra people were on the plane. Source:


Banking and Finance Sector

7. March 23, – (National) Treasury unveils long-awaited ‘bad-asset’ plan. The Treasury Department unveiled its long-awaited plan to remove many of the troubled assets from banks’ books on March 23, representing one of the biggest efforts by the U.S. government yet to tackle the ongoing financial crisis. Under the new so-called “Public-Private Investment Program,” taxpayer funds will be used to seed partnerships with private investors that will buy up so-called toxic assets backed by mortgages and other loans. The goal is to buy up at least $500 billion of bad assets, such as subprime mortgages that are now in danger of default. Doing so would help cleanse the balance sheets of many of the nation’s largest banks, which continue to suffer billions of dollars in losses. The government will then run auctions between the banks selling the assets and the investors buying them, hoping to effectively create a market for these assets. Source:

8. March 21, Bloomberg – (Colorado; Georgia; Kansas) Kansas, Colorado, Georgia banks shut as losses mount. Banks in Kansas, Colorado, and Georgia were seized, pushing this year’s tally of failed U.S. lenders to 20, as foreclosures surged amid a recession and the highest unemployment in a quarter century. The banks with $1.1 billion in total assets and $853 million in deposits were shut by regulators, and the Federal Deposit Insurance Corp. was named receiver, according to e-mailed statements on March 21 from the FDIC. Deposits of TeamBank in Paola, Kansas will be passed to Great Southern Bank in Springfield, Missouri, and Herring Bank in Amarillo, Texas is assuming deposits of Colorado National Bank in Colorado Springs. Both failed banks were owned by Team Financial Inc. in Paola. Regulators were unable to find a buyer for FirstCity Bank of Stockbridge, Georgia, and the FDIC will send payments to insured depositors beginning March 23. “The FDIC will fulfill its obligation to insured depositors by mailing checks for their insured amounts,” the regulator said, referring to FirstCity. The agency also was unable to find a bidder for Salt Lake City-based MagnetBank, which was seized January 30. Source:

9. March 20, – (California; Kansas) U.S. seizes 2 big credit unions. The Federal Government, in its latest effort to prop up the financial system, took over two big wholesale credit unions on March 20 with combined assets of $57 billion. U.S. Central Federal Credit Union in Lenexa, Kansas and Western Corporate Federal Credit Union in San Dimas, California were placed under conservatorship “to stabilize the corporate credit union system and resolve balance sheet issues,” according to the National Credit Union Administration. The administration is a federal agency that regulates, charters, and supervises federal credit unions. Neither of the failed institutions serve consumers directly. As corporate credit unions, they service the credit union system. Credit unions count 90 million members nationwide. Members of the two credit unions will not experience any disruption in service and are free to make deposits and access funds, according to the regulator. U.S. Central Federal Credit Union has about $34 billion in assets, with 26 retail corporate credit union members. WesCorp has $23 billion in assets and approximately 1,100 retail credit union members. Source:

10. March 20, Associated Press – (National) AIG unit sues Countrywide over loan losses. A unit of embattled insurer American International Group Inc. filed suit against mortgage lender Countrywide Financial Corp. in California federal court on March 19, alleging Countrywide misrepresented the health of loans that the company insured, resulting in massive losses. United Guaranty Mortgage Indemnity Co. filed suit in U.S. District Court, accusing Countrywide of breach of contract, fraud, negligence, and unfair competition and business practices. United Guaranty alleges Countrywide “abandoned its own underwriting guidelines to boost its market share and then misrepresented the quality of its loans so that United Guaranty would provide insurance coverage for them.” The AIG unit is seeking unspecified punitive damages, and wants the insurance policies on the loans and its payments on the policies to be canceled. Source:

Information Technology

28. March 23, Softpedia – (International) Microsoft confirms critical 0-day IE8 vulnerability. Microsoft has confirmed officially the zero-day vulnerability impacting Internet Explorer 8, the latest iteration of its IE browser. The security flaw was demonstrated on the first day of the Pwn2Own hacking context of the CanSecWest 2009 in Vancouver recently. A security researcher managed to own a Sony Vaio running Windows 7 via a vulnerability in IE8. The manager of Security Response for TippingPoint revealed that Microsoft had acknowledged to her the existence of the issue. “The MSRC (Microsoft Security Response Center) (...) let me know that they had reproduced and validated IE8 vulnerability. Of course, we cannot tell you anything more than that, look for more information once Microsoft releases an update for it. I continue to be impressed by the dedication of the MSRC team, and was shocked to get the news of verification in less than 12 hours, considering the entire IE team was most likely at the MIX 2009 con down in Vegas for the official launch of IE8,” she stated. Source:

29. March 23, InformationWeek – (International) Phishing gets automated and we’re all getting targeted. Phishing expeditions business and personal data are rising to record levels, with fake anti-malware campaigns alone increasing by 225 percent in the last six months of 2008. Password-stealing Web sites jumped 827 percent IN 2008. The reason is the phishers are investing in automation. A new report from the Anti-Pjhshing Working Group (APWG) gives a sense of just how aggressive the phishers and malware makers are becoming in search of one’s business (and personal) data. Using increasingly automated attacks and re-tooling strategies such as anti-malware come-ons, phishers are bombarding the Web with mail campaigns, continue to co-opt known and trusted brands, and are sprouting malware Web sites at stunning rates. According to APWG, malware sites jumped 827 percent, from 3332 in January 2008 to 31,173 in December, within spitting distance of a 1,000 percent increase in twelve months. The largest increase was December; in fact, with the number of sites bearing malware and password-stealing tools skyrocketing from November’s 11,834 to 31,173. While APWG notes that the December pop was a result of “some large attacks that were using huge amounts of random websites for phishing campaigns that were spoofing classmates’ websites,” the organization undoubtedly also knows that this sort of increase is unlikely to remain an aberration. Source:

30. March 21, Korean Times – (International) New password-manipulating virus spreading. A new computer virus that attacks the computer password, manipulates and eventually blocks the user to log in to the computer is spreading, Yonhap reported on March 21. The virus, an advanced form of “Win32.HLLW.Shadow.based” that showed up last month, locks up the computer, resulting in log in error. It also paralyzes the network by overloading the traffic on the 445 port. A free vaccine is available on the Web site of the anti-virus company, New Technology Wave. The vaccine provider also advises computer users to regularly change their computer passwords and update Windows security patches. Once infected, the virus detours the radar of the previously installed vaccine program on the computer and makes it undeletable, the company said. Source:

Communications Sector

Nothing to report