Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, November 3, 2009

Complete DHS Daily Report for November 3, 2009

Daily Report

Top Stories

 According to WPMT 43 Harrisburg, there are no signs the H1N1 virus is slowing down, but federal officials say delays in the production of the H1N1 vaccine should be diminishing as millions more doses are being doled out over the next several weeks. (See item 31)

31. November 2, WPMT 43 Harrisburg – (National) Deadly week for H1N1; more vaccines on the way. There are no signs the H1N1 virus is slowing down, as the vaccine continues to trickle in. Federal officials say delays in the production of the H1N1 vaccine should be diminishing as millions more doses are being doled out over the next several weeks. “There’s a gap between supply and demand, we do expect more doses in the next week or two. When I say more, we’re projected 8 to 10 million more doses over the next couple of weeks,” said the director of the National Institute for Allergy and Infectious Diseases. This production increase comes at a good time. The CDC reports 19 children died of complications from the H1N1 virus just last week. That brings the total number of pediatric deaths to 114. Doctors say kids are the most at-risk because their bodies are not able to fight off the virus. At this point, doctors cannot predict how much longer the virus will cause problems. The good news is it has not mutated, meaning the vaccine appears to be the best way to stop it from spreading. Source:,0,3371380.story

 The Associated Press reported that officials urged residents near the Red Chute Bayou levee in Bossier City to leave their homes on November 1 as water continued to spill over the top of the levee and a breach seemed possible. Emergency officials worked October 31 and November 1 to fortify weak spots in the bayou fed by the Flat River, but witnesses said water was topping the levee and sandbags in places. (See item 46)

46. November 1, Associated Press – (Louisiana) Officials fear Red Chute levee breach possible. Officials urged residents near the Red Chute Bayou levee in Bossier City to leave their homes Sunday as water continued to spill over the top of the levee and a breach seemed possible. Emergency officials worked Saturday and Sunday to fortify weak spots in the bayou fed by the Flat River, but witnesses said water was topping the levee and sandbags in places. Officials asked residents in several northeast Bossier City neighborhoods to consider leaving their homes because of a threat the levee could breach. Authorities opened a shelter at a nearby school. Residents reported water in homes in some areas. The Caddo-Bossier Office of Homeland Security and Emergency Preparedness said more than 1,600 homes and 4,200 residents were in the potential flood area and they feared some people were not taking the threat seriously. If there is a breach in the levee, the water will flood the area quickly and people would then be trapped, authorities said. Red Chute’s waters began spilling over the levee early Saturday and continued into Sunday. One emergency official said the potential flood could be worse than the area’s previous floods of 2001 and 1991. In some areas, Red Chute was coming over the levee and sandbags at a steady flow, but the levee itself had not broken. Officials hoped the bayou’s level would crest sometime Sunday. Officials were reaching out to residents with special needs and taking people to the old Parkway High School for shelter. Source:


Banking and Finance Sector

17. October 30, CNN – (National) 9 banks in major holding company fail. Nine subsidiaries of FBOP Corp., a multistate holding company that included California National Bank of Los Angeles, succumbed Friday to the nationwide banking crisis, bringing to 115 the number of banks closed by regulators so far this year. The Federal Deposit Insurance Corp. said the nine banks in California, Illinois, Texas and Arizona that made up the privately held FBOP were taken over by U.S. Bancorp (USB, Fortune 500) of Minneapolis. The banks, which had combined assets of $19.4 billion and deposits of $15.4 billion, will open Saturday as U.S. Bank branches. The nine banks are Bank USA N.A. of Phoenix, California National Bank of Los Angeles, San Diego National Bank of San Diego, Pacific National Bank of San Francisco, Park National Bank of Chicago, Community Bank of Lemont in Lemont, Ill., North Houston Bank in Houston, Madisonville State Bank in Madisonville, Texas, and Citizens National Bank of Teague, Texas. Together, the nine banks had 153 offices. Customers of failed banks are protected, however. The Federal Deposit Insurance Corp., which has insured bank deposits since the Great Depression, currently covers customer accounts up to $250,000. The FDIC said it entered into a loss-share transaction with U.S. Bank on $14.4 billion of the $18.2 billion in combined purchased assets. Under that arrangement, the agency said U.S. Bank will share in the losses on the asset pools covered in an effort to maximize returns on the assets by keeping them in the private sector. Source:

Information Technology

37. November 30, The Register – (International) DDoS attacks topple 40 Swedish sites. Swedish authorities have few leads in their investigation of a massive denial-of-service attack on October 29 that downed about 40 websites belonging to police and media outlets. According to The Local, the attacks flooded media IT development firm Adeprimo with some 400,000 requests per second, compared with the 800 requests that are typical. Sites that use Adeprimo’s media platform were among the hardest hit. They included the main Gothenburg paper Goteborg-Posten, which was inaccessible from early morning to about noon on Thursday. A separate wave of attacks later on October 29 knocked the website for the Swedish police out of commission for a couple of hours. Investigators say both attacks were well executed and are most likely linked because the amount of traffic was almost identical for each. They said the torrent appeared to originate in Asia, but of course, that says little about where the attackers may have been located. Source:

38. November 2, IDG News Service – (International) Microsoft: Worms are most prevalent security problem. The Conficker worm continues to be one of the most prevalent threats facing PCs running Windows, according to a new security report published by Microsoft. For the first six months of the year, Microsoft found that more than 5 million computers were infected with Conficker, according to its latest Security Intelligence Report. Conficker spreads either by exploiting a vulnerability in the Microsoft Windows Server service, through infected removable media or brute-forcing weak passwords on other PCs. Conficker alarmed Microsoft so much when it appeared that Microsoft issued an emergency patch in October 2008 for the software vulnerability that allowed it to spread rapidly. The worm is still circulating, mainly in enterprises, said the general manager of the Microsoft Malware Protection Center. Due to its password-cracking ability, if Conficker gets on one PC in a company, it can often then rapidly spread. Microsoft collects data on infections from its free security products such as Windows Defender, the Malicious Software Removal Tool (MSRT), Security Essentials as well as ones the company sells. Another worm — called Taterf — took the number two spot for the most infections at 4.9 million. Taterf steals authentication and account information for massively multiplayer online games such as World of Warcraft and Lineage, among others, and spreads through infected drives such as a USB stick or an infected network drive. Microsoft did see a decline of machines infected with Zlob, a notorious Trojan horse that spread by tricking people into believing it was actually a media codec, which is software used to encode and decode audio or video. Source:

39. October 29, Online Defense and Acquisition Journal – (National) DHS to announce cyber merger. In what could mark a major improvement to the nation’s ability to defend itself against cyber threats, the Department of Homeland Security will announce Friday that the U.S. Computer Emergency Readiness Team (CERT) will merge with the National Coordinating Center for Telecommunications (NCC). The two groups — now separated by two floors — will now be co-located and will operate jointly. It’s an interesting pairing, putting the public-private CERT together with the NCC, an interagency group of 22 Federal departments and agencies first created by a U.S. President in the aftermath of the Cuban Missile Crisis. The pending merger was discussed October 29 at a conference on cyber issues at the National Defense University. One expert at the conference expressed concern that centralizing the functions of the two groups might work against their effectiveness given the widely distributed nature of the Internet. “The primary issue this affects is in response. The military itself is commanded hierarchically but distributes capability among different commands. Unifying the agencies can help with funding but slow response and dilute capability,” said an associate professor at the Calumet campus of Purdue University. Source:

For another story, see item 40 below:

Communications Sector

40. November 2, ComputerWorld – (National) Swine flu emergency should put IT on alert. Though the H1N1 flu has been declared a national emergency by the U.S. President, experts say that many companies remain ill-prepared for its potential consequences, which could include employee absentee rates of 40% or more. While October’s emergency declaration is targeted mostly at helping health care providers and government agencies bypass regulatory requirements to provide critical care, experts say it should also be a red flag for the IT and business communities. “Organizations probably have not allocated enough resources for virtual private networks nor tested VPNs for the fact that 80% of their staff could be working from home,” said the executive director of DRI International, a training institute that focuses on helping businesses prepare for emergencies. “We ran some tests with companies, and they ran out of TCP/IP addresses in five minutes.” Source:

41. October 31, KSLA 12 Shreveport – (Louisiana) Storm damages Shreveport Convention Center. Storm damage to the Shreveport Convention Center could approach a quarter of a million dollars, according to some estimates. From a distance the convention center appeared to have escaped the wrath of Thursday’s severe weather. But a closer look reveals the full extent of the damage. Shattered glass covered the front end of the convention center, with at least 62 glass panels broken. The structure also suffered a hole punctured into the limestone facade on the west wall of the convention center, along with a broken security gate below the hole. During the storm, personnel on the second floor had quickly gone into a central room for safety. Fierce winds peeled back, and in some cases threw off, some of the metal corner seals on the rooftop and flipped over large air vents. Inspection crews even found a tree limb responsible for at least one of the punctures to the roof. Source:

42. October 30, WESH 2 Orlando – (Florida) Police: Man Concealed Weapon At Downtown Disney. The Orange County Sheriff’s Office said a man was arrested Thursday night, charged with carrying a concealed weapon at downtown Disney without a permit. According to a police report, a witness saw the 24-year-old man conceal a gun in his waistband in a downtown Disney restroom and reported it to a Disney security guard. The report said that when deputies confronted the man, he pulled away and that a loaded 9 mm Glock fell out of his pants while deputies attempted to secure him. The report also said the deputies saw the man flash gang signs. The man was also charged with resisting arrest without violence. Police said the gun was reported lost or stolen last summer. Source: