Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, May 20, 2009

Complete DHS Daily Report for May 20, 2009

Daily Report

Top Stories

 The New Hampshire Union Leader reports that guests and staff at two motels in Merrimack, New Hampshire had to be evacuated Sunday night when a gas leak at local propane gas distributor Bot-L-Gas reached dangerously high levels. (See item 1)

1. May 18, New Hampshire Union Leader – (New Hampshire) Gas leak forces evacuation of motel guests. Guests and staff at two motels on the Daniel Webster Highway in Merrimack, New Hampshire had to be evacuated Sunday night when a gas leak at a local propane gas distributor reached dangerously high levels. The highway was closed from the Greeley Street intersection to the Industrial Drive intersection for more than an hour after Merrimack fire officials were called to check a gas leak at Bot-L-Gas on Star Drive. The Merrimack fire chief said the evacuation was ordered because the gas levels were high enough to cause an explosion. Residents at the Comfort Inn and Residence Inn were told they had to leave. A desk clerk at the Residence Inn said 90 of the 129 rooms were occupied at the time. The Comfort Inn offered van service to transport some of their guests. The fire chief said residents on nearby King Street were alerted of a possible evacuation, but that they never had to leave their homes. Police cruisers blocked the road at intersections and at least six fire-rescue vehicles were on hand. The road was re-opened shortly after 8 p.m. The fire chief said the plant’s shutoff system allowed officials to quickly turn off the valves. Members of Merrimack fire and police joined investigators from the state fire marshal’s office and were still inspecting the facility to find the leak. Source:

 According to the Minneapolis Star Tribune, Xcel Energy officials are investigating what caused a unit at the Prairie Island nuclear power plant in Red Wing, Minnesota to shut down unexpectedly on Monday. (See item 6)

6. May 19, Minneapolis Star Tribune – (Minnesota) Unit 1 at Prairie Island nuclear plant unexpectedly shuts down. Xcel Energy officials are investigating what caused the Prairie Island nuclear power plant to shut down unexpectedly. One of the plant’s two units in Red Wing, Minnesota automatically tripped off shortly after 1 p.m. Monday. Utility officials said there were no injuries and no radiological releases as a result of the shutdown, and the U.S. Nuclear Regulatory Commission (NRC) described the incident as a “non-emergency.” Xcel’s site vice president for Prairie Island said the cause of the shutdown seems to be an electrical malfunction in one of two motors that pump river water into the plant. The circulating water is used to cool and condense non-radioactive steam from the turbine. Once the system detected a problem, circuit breakers shut off the pump, he said, setting off a quick sequence that caused the turbine and then the reactor to shut down. The vice president said that crews are testing power cables to the motor, the motor itself, and electrical relays to determine what triggered the system shutdown. An NRC report showed that “no safety or relief valves lifted” as the plant shut down, and that it would remain out of service until “the cause of the trip is corrected.” The NRC indicated that the plant’s safety system worked properly, and that one of its two resident inspectors at Prairie Island will oversee Xcel’s investigation and corrective actions. The vice president said that the plant may need to be shut down for a few days, depending on what the investigation reveals and what repairs need to be done. Source:


Banking and Finance Sector

10. May 18, Reuters – (National) Congress gives final OK to mortgage fraud bill. The U.S. House of Representatives gave final approval on May 18 to a bill that will create an independent commission to investigate the cause of the U.S. economic meltdown and give federal prosecutors more legal clout and staff to crack down on financial fraud. On a vote of 338-52, the House passed the bill, which the Senate had previously approved. It now goes to the U.S. President who is expected to sign it into law within days, a Democratic leadership aide said. The fraud bill is one of three major measures which could go to the U.S. President for his signature before the Democratic-led Congress heads off for its Memorial Day recess. The others are a bill to crack down on abusive interest rate increases and fees by credit card companies and one to help distressed homeowners escape predatory mortgages. The measure approved on May 18 creates an independent 10-person commission with subpoena power to investigate the cause of the U.S. economic crisis. The bill extends anti-fraud legislation to cover Troubled Asset Relief Program, or TARP, stimulus money and extends mortgage fraud law to all mortgage lending businesses. The legislation is also designed to step up the battle against white-collar crime. Mortgage fraud is believed to have been a significant factor in the U.S. subprime mortgage collapse and subsequent international financial downturn. Source:

11. May 18, New York Times – (New York) Caller ID fraud is a grim reminder. The Queens district attorney has taken down an identity theft ring that prominently used phone technology in its deceit. The thieves, who racked up more than a $15 million take over the past year, used easily purchased spoof cards to hide their true identities when calling banks. Phone spoof cards give callers a way to display any number they choose on the recipient’s caller ID. Some of the spoof cards also sell a feature that can alter the caller’s voice. The voice modification can be used to conceal an accent, or even to disguise the gender of the caller. By using the spoof cards to make it appear as though the calls were coming from legitimate customers and credit card applicants, the crooks were able to get credit cards issued in other people’s names. They were also able to trick bank employees into giving out information about real customers’ accounts. The district attorney indicted 45 in the fraud, some of them living out of state and some operating overseas. Source:

12. May 18, Bloomberg – (National) FDIC considers fee based on assets to build fund, lobbyist says. The Federal Deposit Insurance Corp. may charge lenders a fee based on assets rather than deposits to replenish its insurance fund, a step that would put a greater burden on large banks, a lobbyist said. The FDIC board, which meets on May 22 to vote on the charge, proposed on February 27 an assessment of 20 cents per $100 in insured deposits that community bankers said may erode earnings this year. The agency is considering a fee of 5 percent to 6 percent of a bank’s assets, excluding capital, Reuters reported on May 18, without citing a source. “They are looking at different types of assessments, one could be based on assets and not deposits,” said the executive vice president of the American Bankers Association, an industry lobbing group in Washington. “If you go with a fee based on assets, you bring in larger banks that might have to shoulder more of the burden.” The FDIC Chairman told community bankers March 20 that the agency would consider a fee based on assets. The FDIC posted more than 14,596 letters on its Web site about the fees, including from Independent Community Bankers of America members complaining that profits might be reduced this year. Source:

Information Technology

29. May 18, SpamFighter News – (International) Adobe’s flash files expose Web sites XSS attacks. The flaw in Shockwave Flash (SWF) files of Adobe, which was reporfor the first time in December 2007, is currently leading several thousands websites facilitate XSS (cross-site scripting) attacks. Security researchers explained that SWfiles generate animated content and banner ads. The vulnerable Flash files of Adobebe conveniently abused by cyber-criminals to launch XSS and phishing assaults. This high possibility that the vulnerability may lead to cookie hijacking. In other wordunaware users can be forwarded to phishing or malicious sites from the legitimate oBesides, the fraudsters can also intercept the users’ password. Security researchers also found that the vulnerable Flash files could be easily used by criminals to make interference with the official sites belonging to government agencies, banks and seveother reliable organizations. It is highly interesting to note that Adobe has made a number of efforts to fix the same flaw several times in the past; however, the flaw is complicated one and needs multi-stepped procedure to be fixed. Source:

30. May 18, IDG News Service – (International) IIS 6 attack could let hackers snoop on servers. Security vendors are warning users of Microsoft’s Internet Information Services 6 Web-server software that a new online attack could put their data at risk. The flaw was made public on May 14, when a security researcher posted details of the vulnerability to the Full Disclosure security mailing list. By sending a specially crafted HTTP request to the server he was able to view and upload files on the machine. The attack takes advantage of a bug in the way that Microsoft’s software processes Unicode tokens, he said. The vulnerability is being used in online attacks, the U.S. Computer Emergency Response Team said on May 18. In a statement, Microsoft said it had not heard of any such attacks, but that it was investigating the researcher’s claims. “We are working on a security advisory to provide customers with guidance,” the company said on May 18. The bug affects IIS 6 users who have enabled the WebDAV (Web-based Distributed Authoring and Versioning) protocols, used to share documents via the Web. It gives attackers a way to view protected files on the server without authorization and it could be used to upload files as well, according to an independent security researcher who confirmed the findings. However, the independent security researcher said he had found no way to use this flaw to run unauthorized software on an IIS server. Source:

Communications Sector

31. May 18, CNET News – (National) FTC goes after warranty robocallers. Recently, the Federal Trade Commission (FTC) filed lawsuits against three companies — Voice Touch and Transcontinental Warranty, both of Florida, and Network Foundations, based in Illinois — alleging these companies violated the Do Not Call registry law by making more than 1 billion robocalls since 2007 to residences, businesses, and mobile phones. The suit also alleges that the calls, which have generated more than $10 million since 2007, offer unnecessary and false warranty extensions for several thousands of dollars, and that the firms placing the calls also violated laws by blocking caller ID. The FTC chairman in a statement called these telemarketing schemes one of the most aggressive the commission has ever encountered. Source: See also:

32. May 16, Daily Record – (New Jersey) DOT: Workers are not to blame for phone outage. The New Jersey Department of Transportation (DOT) May 15 said workers on the Route 46 pedestrian bridge project should not be blamed for damaging a Verizon cable line — and the phone company conceded that a mapping mistake on its end might have caused the mishap. The Verizon line was damaged May 12, the same day that the workers were putting in fence posts along the center concrete highway median as part of the bridge project. The damage resulted in an ongoing loss of phone service for up to 300 homes and businesses and shut down the police department’s radios for 30 minutes. A DOT spokeswoman said the workers had no way of knowing the line would be in their way. In response, a Verizon spokesman said the project subcontractor followed guidelines in seeking information in advance of digging. He said Verizon is checking whether the line was properly marked by the company it uses for such work. Source: