Friday, May 15, 2009

Complete DHS Daily Report for May 15, 2009

Daily Report

Top Stories

 According to the Associated Press and Morning News, an empty 67,000-barrel gasoline tank undergoing repairs exploded Tuesday at a fuel storage facility owned by Teppco Partners in White County, Arkansas, killing three workers. (See item 2)

2. May 12, Associated Press and Morning News – (Arkansas) Three die in gasoline tank explosion. An empty gasoline tank undergoing repairs exploded Tuesday at a fuel storage facility in White County, killing three workers, authorities said. The explosion occurred just before 2:30 p.m. at a storage facility owned by Teppco Partners, a Houston-based energy company, said a spokesman. The tank had been previously cleaned and workers were preparing to install a new gauge on it, he said. Three workers for an outside company contracted to do the repairs died in the explosion, said a spokesman for the Arkansas Department of Emergency Management. The Teppco spokesman said the company was in contact with local first responders and federal work safety investigators about the explosion. The Teppco spokesman said the tank was empty and not in service at the time of the explosion. He said the 67,000-barrel tank was being cleaned to prepare for new equipment to gauge the level of gasoline within the tank. He said it was not immediately clear whether the workers were inside or outside of the tank at the time of the explosion. A spokeswoman for the U.S. Occupational Safety and Health Administration in Dallas said federal investigators left for the explosion site Tuesday afternoon. She said she had no other details about the explosion. The Teppco facility, just east of U.S. 67 near McRae, stores diesel and unleaded gasoline for clients. The facility has five tanks with a capacity of 250,000 barrels. There appeared to be no release of fuel or fumes in the area surrounding the tank after the explosion, said a spokesman for the Arkansas Department of Environmental Quality. The explosion required no evacuations from the surrounding farmlands. Source:

 Federal Computer Week reports that the Homeland Security Department’s platform for sharing sensitive but unclassified data with state and local authorities was hacked recently, a DHS official has confirmed. The official said the U.S. Computer Emergency Readiness Team reported an intrusion into the Homeland Security Information Network in late March. (See item 21)

21. May 13, Federal Computer Week – (National) Information-sharing platform hacked. The Homeland Security Department’s platform for sharing sensitive but unclassified data with state and local authorities was hacked recently, a DHS official has confirmed. The intrusion into the Homeland Security Information Network (HSIN) was confirmed to Federal Computer Week by the chief information officer for DHS’ Office of Operations Coordination and Planning. The chief information officer said the U.S. Computer Emergency Readiness Team reported an intrusion into the system in late March. The initial hack was brief and limited, and it was followed by a more extensive hack in early April, the chief information officer said. The hacker or hackers gained access to the data by getting into the HSIN account of a federal employee or contractor, the chief information officer said. The bulk of the data obtained was federal, but some state information was also accessed, he added, and the organizations that owned the data and Congress were notified of the intrusion. The files that were accessed contained administrative data such as telephone numbers and e-mail addresses of state and federal employees. However, an investigation into the incidents has found that no Social Security numbers, driver’s license numbers or financial data were obtained, the chief information officer said. Because HSIN is a sensitive but unclassified network “no information can be posted on HSIN that would cause anything more than minor damage to the homeland security mission,” he said, adding that none of the accessed files dealt with the operations of either federal or state agencies that use HSIN. Source:


Banking and Finance Sector

7. May 12, DarkReading – (National) Report: ATM/debit card fraud on the rise. Credit card fraud may get most of the publicity when it comes to identity theft, but ATM and debit card theft is expected to grow 10 to 14 percent this year, according to a survey of financial institutions released May 12. It turns out the study was well-timed, too: Police officials in New York City reported on May 12 that a fraud ring had stolen $500,000 from hundreds of bank customers’ accounts in the city using skimming devices affixed to ATM machines at Sovereign Bank branches in Staten Island. The skimmers read and stored their account information, and a rogue camera affixed to the machines captured victims’ typing in their PIN numbers. They also used the information to clone the cards, according to published reports. Nearly 70 percent of the respondents to the survey, conducted by antifraud firm Actimize, said they had experienced an increase in ATM/debit card fraud claims in 2008 compared to 2007. Around 23 percent said those claims jumped by 5 to 9 percent; around 16 percent, by 10 to 14 percent; 17.5 percent, by 15 to 19 percent; nearly 9 percent, by 20 to 24 percent; 11 percent, by 25 to 49 percent; and 5 percent, by a whopping 50 to 74 percent. Half of the institutions had been hit with fraud complaints that came out of some of the major data breaches, with more than 30 percent saying they had seen fraud incidents as a result of the TJX hack, and 30 percent out of the Heartland Payment Systems hack. “It was interesting to confirm that not only are banking customers using ATM/debit card at risk, in general, because their data has been compromised and could be used for fraud, but it is being used for fraud,” says the director of fraud solutions at Actimize. Source:

8. May 12, WOWT 6 Omaha (Nebraska) Charges filed in Nebraska city broker scam. Two former Nebraska City brokers face eight counts each of securities fraud. The two brokers were registered broker-dealer agents with Capital Growth Financial. They are accused of selling high-risk securities to roughly 150 Nebraskans without disclosing key risks or warnings. The total loss is estimated at more than $20 million. The securities were from two Florida-based companies, American Capital Corp. and Royal Palm Capital Group, Inc.; neither is still in business. An attorney for the investors says many of the victims sold their farms or small businesses to invest a considerable portion of that money to provide for retirement. Warrants have been issued for both brokers’ arrests. If convicted, each count carries a penalty of up to five years in jail and/or a $10,000 fine. Source:

9. May 12, Reuters (National) Expanding FDIC borrowing could lower bank fees. The U.S. Comptroller of the Currency said on May 12 an expansion of the Federal Deposit Insurance Corp’s borrowing ability will help lower assessments charged to banks for deposit insurance. The Comptroller said he is happy with efforts in Congress to expand the FDIC’s borrowing ability with the Treasury Department to $100 billion from $30 billion. The increased borrowing authority could allow the FDIC to forgo a special assessment on banks to replenish the U.S. deposit insurance fund. In February the FDIC proposed raising premiums and assessing a one-time fee of about 0.2 percentage points to raise about $15 billion to help replenish the U.S. deposit insurance fund, which has been steadily dwindling as banks fail. As banks try to shore up their capital, they have complained that they cannot afford to pay the assessment, which is scheduled for the third quarter. “Bank failures are likely to continue and the cost to the fund will likely increase,” the Comptroller said at the conference of community bankers. Source:

Information Technology

23. May 13, ZDNet News – (International) Viruses now penetrating deeper. New malware variants have taken researchers by surprise by adapting new “stealth” methods to penetrate systems deeper so as to avoid detection, according to Kaspersky Lab. The antivirus company said in a video conference on May 13, a new variant of botnet, Sinowal, also known as Torpig, marks the first time cybercriminals have used such sophisticated methods. Kaspersky said Sinowal writes itself to the user’s hard drive master boot record (MBR), the operating system’s lowest level, and has been successful in avoiding detection by antivirus products. It said the worm has over the last month been actively spreading through a number of methods including Web sites exploiting the Neosploit rootkit and a vulnerability in PDF software, Adobe Acrobat Reader. Kaspersky said new methods of infiltration have also rendered it nearly impossible for users to avoid infection, even if they are careful. Seemingly clean sites can also perform backend redirection to malware-ridden sites. The head of the virus lab for Kaspersky said Web malware authors have favored redirection exploits on Web apps and search fields, like iFrame attacks during 2008, compared to 2007 which saw more Trojan horses and droppers being used. The Web has also overtaken e-mail as the top transport medium for viruses, with the number of infected sites growing 300 percent in 2008, he said. Source:

Communications Sector

24. May 13, United Press International – (California) Fridge odor empties office, 7 hospitalized. A refrigerator stench at a California AT&T call center in San Jose caused the building to be evacuated and seven people to be hospitalized with nausea, authorities said. The San Jose Fire Department said a hazmat team was sent to the office complex just before lunchtime May 12 and determined the odor was coming from an office mini-fridge, the San Jose Mercury News reported May 13. The stink caused seven people to be hospitalized with vomiting or nausea and 21 others were treated at the scene by paramedics. All 325 AT&T employees were evacuated from the building. A fire captain said he does not know what was causing the smell inside the refrigerator, but it smelled to him like rotting meat. Source:

25. May 13, Associated Press – (National) FCC: Landline number move should take 1 day, not 4. The Federal Communications Commission is telling landline phone companies that they now have to act faster when their subscribers want to move their phone number to a rival service. The commission voted May 12 to require companies to transfer, or “port,” landline phone numbers within one business day, down from the current four-day requirement. Wireless numbers are currently ported within one day, and the commission noted that landline companies should be just as fast. The requirement takes effect in about a year. Landline numbers can be transferred to competing landline services, such as those from cable or Internet calling companies, or to cell phones. Source:

26. May 13, CNET News – (National) Clearwire selects Cisco to help build 4G network. Clearwire named networking equipment maker Cisco Systems as a key supplier to help it build its nationwide 4G wireless network, the companies announced May 12. As part of the new strategic partnership, Cisco will provide IP routers and other equipment to build Clearwire’s network, which uses a technology called WiMax. Cisco will also develop some consumer devices that can be used on the network. Cisco would not provide specifics about the new products, but a Cisco representative said that these devices will be sold under the Linksys brand and are expected to be introduced later this year. Source:;title