Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, February 2, 2010

Complete DHS Daily Report for February 2, 2010

Daily Report

Top Stories

 The Associated Press reports that the U.S. military has halted flights carrying Haitian earthquake victims to the United States because of an apparent cost dispute. In a letter January 26 to the Health and Human Services Secretary, the governor of Florida said “Florida’s health care system is quickly reaching saturation, especially in the area of high-level trauma care.” (See item 42)

42. February 1, Associated Press – (Florida) Florida hospitals fill up. The U.S. military has halted flights carrying Haitian earthquake victims to the United States because of an apparent cost dispute, though a doctor warned that some injured patients faced imminent death if the flights do not resume. The evacuations were temporarily suspended Wednesday, said a spokesman for U.S. Transportation Command. The flights were halted a day after Florida’s governor asked the federal government to help pay for care. Florida officials said Saturday that they were not aware of any hospital in the state refusing to take in the patients. However, in a letter Tuesday to the Health and Human Services Secretary, the governor said “Florida’s health care system is quickly reaching saturation, especially in the area of high-level trauma care.” He asked the Secretary to activate the National Disaster Medical System, which is typically used in domestic disasters and pays for victims’ care. Source:

 According to the Associated Press, officials closed a high-rise dormitory in downtown Philadelphia on Monday in a carbon monoxide scare that sickened several students and sent at least two to a hospital. Several hundred students at the Art Institute of Philadelphia were forced from the 14-story building. (See item 45)

45. February 1, Associated Press – (Pennsylvania) Carbon monoxide sickens several in Philly dorm. Officials have closed a high-rise dormitory in downtown Philadelphia in a carbon monoxide scare that sickened several students and sent at least two to a hospital. Several hundred students at the Art Institute of Philadelphia were forced from the 14-story building before dawn Monday after carbon monoxide detectors went off. The dorm is home to about 550 students. A school spokeswoman says about a half-dozen students complained of illness after the evacuation. Two went to hospitals and were later released. The city ordered the building closed until the source of the gas is found. That could take several days. She says the students will be housed at hotels in the meantime. Two restaurants on the ground floor are also shut down. Source:


Banking and Finance Sector

15. February 1, Agence France Presse – (International) Swiss warn UBS Bank could collapse over talks involving US tax fraud investigation. Switzerland’s justice minister warned in an interview on January 31 that top bank UBS could collapse if sensitive talks with the United States over a high-profile tax fraud investigation fall through. “The actions of UBS in the United States are very problematic. Not just because they are punishable but also because they threaten all of the bank’s activities,” the minister told Le Matin Dimanche newspaper. “The Swiss economy and the job market would suffer on a major scale if UBS fails as a result of its license being revoked in the United States,” she said. Switzerland and the United States have negotiated an agreement under which UBS would hand over information on some 4,500 account holders to US tax police. But a Swiss court ruling earlier in January put the deal in doubt. Source:

16. February 1, Internet Evolution – (Delaware; National) How — and where — cybercriminals hide. Delaware holds the No. 1 spot in the recent Financial Secrecy Index (FSI) rankings of secretive jurisdictions compiled by the internationally respected Tax Justice Network, an independent organization promoting justice in tax issues. This undesirable accolade for Delaware was earned for its policies permitting cheap and easy company formation and the hiding of details about corporate ownership, all of which adds up to non-disclosure of the most important corporate information. Several other U.S. states — Nevada, Oregon, and Wyoming — have also received international criticism for lax company registration laws, but it is only in Delaware that an applicant can delay providing company member names, and if timed right, for as long as a year before the state steps in, allowing plenty of time for deals to be completed and illicit funds laundered out of the U.S. Once a company has served its purpose in this way, it can simply shut up shop, and little can be done to trace the perpetrators, invariably resulting in the frustration of international law enforcement. This short-term corporate environment is perfect for organized cybercrime operations. The examples of the RBN, McColo, and other cybercriminals were able to mislead reporters, researchers, and investigators for considerable time by hiding behind what are essentially “Mickey Mouse” corporate shields in Delaware. Source:

17. January 30, Wall Street Pit – (National) Bank failure toll reaches 15 in 2010. Regulators closed banks in Georgia, Florida, Minnesota, California, and Washington on January 29, pushing U.S. bank failures to 15 this year. Assets of nearly $5.5 billion and deposits of over $4.5 billion from the six banks were turned over to new lenders at a total cost of more than $1.5 billion to the FDIC’s DIF, according to agency statements. The banks closed were First National Bank of Georgia, Carrollton, Georgia, Florida Community Bank of Immokalee, Florida, Marshall Bank, National Association of Hallock, Minnesota, Community Bank and Trust of Cornelia, Georgia, First Regional Bank of Los Angeles, California, and American Marine Bank of Bainbridge Island, Washington. Source:

18. January 30, – (New York) New York investigates fraudulent credit card charges. An investigation is underway in New York that could give consumers more confidence in the way their credit card data is handled when they make online purchases. The state’s attorney general has announced an investigation into 22 major online companies that he accuses of helping to deceive customers into fee-based membership programs that place monthly fees on their credit cards for little in return. In many cases, these online vendors actually shared their customers’ credit card data with the marketing companies in question. Previous federal data has found that millions of consumers have been affected by these monthly charges, which often show up mysteriously on their credit card statements under the guise of “rewards programs,” discounts and other such things. This is one more reason why consumers should always take great care to read the fine print when making online purchases, since in many cases they have to specifically opt out of such offers in order to avoid the monthly charges. Worse for consumers, those who have tried to have the charges stopped have reported that it can be extremely difficult to do so. Source:

19. January 29, CNET News – (International) Bank of America Web site goes down Friday. Bank of America was investigating an outage on January 29 that affected an unknown number of customers but had ruled out a cyberattack, a representative said. “Our online-banking service is available,” a spokeswoman said in a telephone interview on January 29. “We ruled out a cyberattack, but are working with partners to determine the root cause.” Checks by CNET found the site down during the morning and afternoon, as late as 2:50 p.m. PST. Several readers reported the outage to CNET, and Business Insider reported that the site was down most of the morning. Several CNET readers reported that they were able to get through to the site, although at least one said it was sluggish. Bank of America’s Twitter account was reporting that “Our Web site is available. However, some customers are having intermittent issues with access. We are working to determine the root cause.” Source:

20. January 29, Newsday – (New York) White powder found in bank. Nassau County police found a suspicious white powdery substance in a West Hempstead Bank of America. Late on January 28, an employee of the bank came into contact with the substance, after which he became ill. The suspicious powder, which was found behind stacks of bills, is not believed to be life-threatening, and it is still being investigated. Source:

21. January 29, KIRO 7 Seattle – (Washington) Police evacuate Kent bank for suspicious package. Kent police responded to a report of a suspicious package left next to a bench in front of a bank on January 29, reported KIRO 7 Eyewitness News. The Home street Bank at 505 West Harrison Street was evacuated and the surrounding area was cordoned off while a bomb squad checked out a box left next to a bench. Using an X-ray device, a bomb squad technician evaluated the package and determined it was empty. No one was hurt. Source:

22. January 29, KGW 8 Portland – (Oregon) Death penalty decision looms for Woodburn bank bomb suspects. A judge could decide on January 29 whether Marion County can pursue the death penalty for the father and son suspected of bombing a Woodburn bank that killed an Oregon State Police bomb technician and a Woodburn Police captain, and seriously wounded the city’s police chief in December 2008. The defendants allegedly spent years plotting to bomb the West Coast Bank. On December 12, 2008, prosecutors say the men first called in a bomb threat to the Woodburn Wells Fargo branch. Investigators found a suspicious device that later was determined not to be dangerous. However, state bomb squad officials were led next door, to the West Coast bank. Just after 5 p.m., a device exploded there, killing a Woodburn police captain and a State police senior trooper. The defendants each face 10 counts of aggravated murder, three counts of attempted aggravated murder and other, related charges. Source:

23. January 29, South Florida Sun-Sentinel – (Florida; International) FBI investigates another alleged ‘Ponzi-style’ scheme. Federal prosecutors and FBI agents in South Florida are investigating allegations of yet another massive investment fraud in which thousands of investors across the United States and Canada are said to have lost $170 million. The investigation began last month after a 50-page preliminary report about the “Ponzi-style” scheme was sent to a Miami federal judge by a court-appointed special master. The report called for sweeping criminal investigations by U.S. and Canadian law enforcement. “The unassailable fact [is] that thousands of investors/owners, and by extension their families in the U.S. and Canada, as well as other countries, have been financially destroyed,” says the report by a Miami lawyer who is a former federal judge and U.S. attorney. Investors allegedly sank those now-missing millions into time share units and other property owned by the EMI Sun Village Resort and Spa in the Dominican Republic. But the money actually went to fund the lavish lifestyle and gambling debts of the resort’s developers, court papers say. Source:,0,3361975.story

Information Technology

53. February 1, SC Magazine – (International) The last 12 months saw a significant rise in social networking spam and malware, as Facebook is identified as the riskiest website. Over half of social networking users have received spam via a site while over a third have been sent malware. There has been a rise of 70.6 percent in social networking spam over the last year, with a rise 69.8 percent in malware being sent. The senior technology consultant for Sophos, whose ‘social security’ investigation revealed the figures, said: “Computer users are spending more time on social networks, sharing sensitive and valuable personal information, and hackers have sniffed out where the money is to be made. “The dramatic rise in attacks in the last year tells us that social networks and their millions of users have to do more to protect themselves from organised cybercrime, or risk falling prey to identity theft schemes, scams and malware attacks.” Facebook was also revealed to be the social network respondents believed posed the biggest security risk, with 60 percent naming it. MySpace gained 18 percent of the vote, Twitter 17 percent, and LinkedIn four percent. Source:

54. January 30, The Register – (International) Firefox-based attack wreaks havoc on IRC users. Underscoring a little-known web vulnerability, hackers are exploiting a weakness in the Mozilla Firefox browser to wreak havoc on Freenode and other networks that cater to users of internet relay chat. Using a piece of javascript embedded into a web link, the hackers force users of the open-source browser to join IRC networks and flood channels with diatribes that include the same internet address. As IRC users with Firefox follow the link, their browsers are also forced to spam the channels, giving the attack a viral quality that has has caused major disruptions for almost a month. “Huge numbers of users of the Freenode network ended up getting banned themselves because they would click the link and then they would join the network and flood the network,” one of the hackers, who goes by the moniker Weev, told The Register. “We get this huge rollover effect.” The malicious javascript exploits a feature that allows Firefox to send data over a variety of ports that aren’t related to web browsing. By relaying the scripts over port 6667, users who click on the link automatically connect to the IRC server and begin spewing a tirade of offensive text and links. The attack doesn’t work with Internet Explorer or Apple Safari, but “might” work with other browsers, Weev said. Source:

55. January 30, Network World – (International) Adobe warns of PDF phishing scam. A new phishing scam is trying to fool people into thinking it comes from Adobe, announcing a new version of PDF Reader/Writer. The message is making its way into e-mail boxes now, and the real Adobe urged any recipients to simply delete it. The phishing scam has a subject line “download and upgrade Adobe PDF Reader — Writer for Windows,” includes a fake version of Adobe’s logo and provides links that would lead to malicious code or other trouble if a victim clicked on them. The e-mail appears to come from Adobe, which is part of the scam. “It has come to Adobe’s attention that e-mail messages purporting to offer a download of the Adobe Reader have been sent by entities claiming to be Adobe,” the company said in a statement warning about it. “Many of these e-mails are signed as ‘Adobe PDF’ (or similar), and in some instances require recipients to register and/or provide personal information. Please be aware that these e-mails are phishing scams and have not been sent by Adobe or on Adobe’s behalf.” Source:

56. January 29, DarkReading – (International) Google offers hackers bucks for Chrome bugs. Google is now offering hackers money for discovering vulnerabilities in its Chrome browser — a practice already in place at Mozilla. The experimental incentive program is meant to entice researchers outside of the Chromium project to provide security feedback for the browser. Google says it will pay $500 for an eligible bug discovery and $1,337 for an especially severe or clever vulnerability; a single bug could be considered as multiple vulnerabilities. Google credited Mozilla for the idea of offering rewards for vulnerability finds in its software. Chrome security has been on the front burner for Google this week. The search engine giant on Monday issued an update to Chrome that included security fixes and new features, including stronger transport security and a cross-site scripting (XSS) protection feature. Source:

Communications Sector

57. February 1, University of Wyoming – (Wyoming) Sundance public radio station off air. Wyoming Public Radio engineers say the transmitter that serves Sundance lost power at 10 p.m. on January 28. A crew was dispatched by Powder River Energy Friday, January 29, to investigate the problem. “Powder River Energy reports that there are issues with the underground power line to the radio transmitter sites on Warren Peak,” said the chief engineer. “Crews have been working throughout the day to restore service but have thus far been unsuccessful. We hope to restore power be as soon as Friday evening if an alternate path for power can be established. However, in the worst case the outage may extend for several days or more if extensive repairs are required to the underground power line.” Source:

58. January 30, Anderson Independent-Mail – (Georgia) WLHR radio tower falls, knocks station off air in northeast Georgia. The Georgia Bureau of Investigation and the Federal Bureau of Investigation have been asked to look into the collapse of the transmitting tower of WLHR Radio in Lavonia, Georgia. The 284-foot tower fell around 1:18 a.m. on January 30 at the transmitter site. The owner of the property on which the station’s tower and transmitter sit said her dog began barking late January 29 and would not stop. “We believe one of the (guy-wire) sections was deliberately cut, which resulted in the tower falling completely over away from the (guy-wire) cut,” said the Georgia-Carolina Radiocasting chief executive officer. “There was no ice on the tower. The winds were not very strong. This was a deliberate case of sabotage based on the experience I’ve gained about radio station towers over the 33 years I’ve been in the business. If a tower collapses due to wind or the weight of excessive ice, it will collapse upon itself near the base of the tower. It will not fall over in one piece. We have no idea why anyone would do this to the tower, but we will use all the resources of the company to find out why this happened and who caused it.” “We found this morning that the tower had fallen in a southwesterly direction, and the [guy wires] had been tampered with,” said the Franklin county investigator. Source:

59. January 29, Data Center Knowledge – (Iowa) TEAM opens new Des Moines data center. A new data center opened near Des Moines on January 28. Although it was not the massive Microsoft cloud server farm that Iowans have been anticipating, the new facility in Waukee showcases another key growth market for Midwest data centers: health care. TEAM Technologies and the Iowa Health System held a grand opening for the $15 million first phase of a 46,000 square foot data center in Waukee, Iowa. The facility will house the patient and employee records for Iowa Health and be managed by TEAM Companies, which is building a network of data centers in second-tier markets in the upper Midwest. TEAM has existing facilities in Cedar Falls, Iowa and Fitchburg, Wisconsin. Data centers have become big business in the Midwest, and Iowa has been one of the pioneers. Council Bluffs is home to a new Google data center, and Microsoft announced plans to build a major data center in West Des Moines. That project is now on hold, a victim of belt-tightening due to the economic downturn. Source: