Department of Homeland Security Daily Open Source Infrastructure Report

Monday, March 22, 2010

Complete DHS Daily Report for March 22, 2010

Daily Report

Top Stories

 According to the Wall Street Journal, a government watchdog faulted the FAA on March 18 for allowing Southwest Airlines to fly jets that had not undergone mandatory maintenance work, violating stipulated safety rules. (See item 16)

16. March 19, Reuters – (National) FAA faulted on Southwest Airlines. A government watchdog faulted the Federal Aviation Administration (FAA) for allowing Southwest Airlines Co to fly jets that had not undergone mandatory maintenance work, violating stipulated safety rules, the Wall Street Journal said. The Office of Special Counsel said on Thursday that the company failed to complete certain required maintenance involving rivets around the window frames of 55 of its Boeing 737 aircraft, the paper said, citing the counsel’s documents. Southwest voluntarily disclosed the information to a senior FAA inspector who was also a supervisor in the local office charged with overseeing the airline, the Journal said. But the inspector did not determine why the company had never completed the repair work or ensure that the necessary maintenance work was eventually completed, the paper added. The spokesperson told the paper that the airline officials “are confident that we have identified and remedied the issues.” “A second investigation has shown that some FAA managers continue their willingness to look the other way” rather than enforce strict compliance with maintenance requirements and voluntary disclosure rules, the paper said, quoting the associate special counsel. Source:

 The Associated Press reports that three booby-trap attacks on an anti-gang task force in Southern California prompted the arrests of about 30 members of California’s largest motorcycle gang, prosecutors said on March 17. Members of the Vagos were arrested as part of the crackdown in California, Arizona, Nevada, and Utah after the attacks on police in Hemet, California. (See item 41)

41. March 17, Associated Press – (National) Authorities: Booby traps targeting police prompt arrests of biker gang members in West. Three booby-trap attacks on an anti-gang task force in Southern California prompted the arrests of about 30 members of California’s largest motorcycle gang, prosecutors said on March 17. Members of the Vagos were arrested as part of the crackdown in Riverside and Shasta counties in California, Arizona, Nevada and Utah after the attacks on police in Hemet, California. “In the last few months, they’ve gotten our attention. Today we gave them some attention back,” Riverside County District Attorney said. “Our goal is to eliminate the significant threat to law enforcement that the Vagos represent.” He declined to detail evidence he said links the Vagos to those stealth attacks because the investigation was ongoing. But he described the ambush devices as insidious and cowardly. He said the Vagos specialize in methamphetamine sales, weapons trafficking, and violence, particularly toward law enforcement officers. About 400 heavily armed police, sheriff’s deputies and federal agents visited 73 locations early on March 17 in search of 94 gang members. Officials said there are about 600 Vagos in the Western U.S., including about 200 in Riverside County, California, where the gang was started in the late 1960s. Source:,0,6554095.story


Banking and Finance Sector

9. March 18, Wall Street Journal – (National) Wachovia settles money-laundering case. Wachovia Bank reached a $160 million settlement with the Justice Department over allegations that a failure in bank controls enabled drug traffickers to launder drug money by transferring money from Mexican currency-exchange houses to the bank. Under a deferred-prosecution agreement with federal prosecutors in Miami, Wachovia, which is owned by Wells Fargo & Co., “admitted failure to identify, detect, and report suspicious transactions in third-party payment processor accounts,” according to the Justice Department. Prosecutors said the bank processed $420 billion in transactions without using proper money-laundering detection. Wells Fargo already had set aside money to cover the penalty. The currency- exchange houses, known as casas de cambio, serve as a legitimate method for immigrants to send money to relatives in Latin America. But authorities in the U.S., Mexico and Colombia have for years warned that drug-traffickers also use these exchange houses to launder the proceeds of their trade. Source:

10. March 18, Associated Press – (National) PNC Bank: National City Bank debit accounts hacked, hit with fraud. PNC Financial Services Group Inc. said on March 18 it is investigating a system wide account breach that affects former National City Bank customers and their debit card accounts. The affected accounts are restricted to the Cincinnati area, and current PNC Bank customers are not affected, a PNC Financial spokesman told The Associated Press. Bank officials were made aware of the data breach recently, but the spokesman would not say how many customers’ accounts have been compromised or how much money was stolen. PNC Financial, which is based in Pittsburgh, said some customer debit cards were compromised shortly before the company acquired Cleveland-based National City Corp. in December 2008. All open accounts are “under an enhanced surveillance,” he added, and the security measures “should prevent any further access to them by any unauthorized individuals.” It was not immediately clear if the account breach could have been an inside job. Source:,0,5730812.story

11. March 18, DarkReading – (International) Report: Phishing hits all-time high. Phishing attacks increased more than 60 percent from 2008 to an all-time high as the number of attacks per organization hit nearly 600, a new report finds. MarkMonitor’s 2009 BrandJacking Index report, released this week, shows 565,502 phishing attacks last year, up 62 percent from 2008, and attackers have become more targeted given only 33 percent of the victims were first-time phishing targets. Attacks targeting social networks increased by 376 percent from 2008, with 11,240 attacks — about 2 percent of all phishing exploits last year. Most phishing attacks are hosted in the U.S. — 44.7 percent, an increase from 36.5 percent in 2008. “A lot of the attacks were on large financial organizations...we also saw that phishing targeting payment services grew,” says the CMO at MarkMonitor. Phishing against payment services firms grew 154 percent last year, and attacks on financial brands increased 36 percent, according to MarkMonitor’s report. Source:

12. March 18, KNDO 23 Yakima – (Washington) One man in custody after threats made to bank in Sunnyside. One man is in custody, but police are still trying to figure out his involvement with a bank threat made Thursday morning at the Bank of America. It happened around 11:40, the Bank of America in downtown Sunnyside received a threatening phone call, police believe it was someone inside the bank. When officers arrived on scene they took one man into custody without incident. Police haven’t released the man’s name, they’re stopping short of calling him a suspect. “He’s in custody, under investigation. Statements will tell us a little bit more about what happened,” said a spokesman for the Sunnyside Police Department. Police also have the phone they believe was used to make the threat. The FBI is taking over the investigation, which is common in bank threats. The bank was closed for the rest of the day, but employees were kept in the bank for questioning. No one was injured during the threat or arrest. Source:

13. March 16, WBOY 12 Clarksburg – (West Virginia) Phone scam targets Clear Mountain Bank. A new phone scam is targeting the region using Bruceton Mills based Clear Mountain Bank as a cover. People have reported receiving a recorded message that the bank has flagged their debit or ATM cards for suspicious use. The message then says to select an option to speak with a representative and confirm their banking information. “Just hang up the phone,” said the president of Clear Mountain Bank. “No bank, our bank or any other bank will ever call a customer and ask for an account number, their social security number, your debit card number. We already have that information.” The president said Clear Mountain Bank tracked the calls, and found someone hacked into the phone system of a Massachusetts business to make the calls. Source:

Information Technology

44. March 19, The Register – (International) Energizer site still plagued by data-stealing trojan. The maker of Energizer brand batteries is continuing to serve its customers a file laced with a data-stealing trojan more than 24 hours after the company was notified of the threat and almost two weeks after it promised to fix the problem. A spokeswoman for Energizer Holdings acknowledged receiving a voicemail on March 17 informing her the trojan was being offered for download on one of the company’s European websites. She said she did not respond to the message because of the late hour at which it was left, and never saw an article reporting that two anti-virus firms had confirmed the site continued to offer the toxic file 12 days after the company promised to stamp it out. When The Register directed the spokeswoman to the precise page where the offending UsbCharger_setup_V1_1_1.exe file is being served, she said: “I can assure you it will be taken down immediately.” But at time of publication, more than nine hours later, the file was still available for download. Source:

45. March 19, Computerworld – (International) Google patches Chrome days before hacking contest. Google has patched 11 vulnerabilities in the Windows version of Chrome, including one that earned its finder the first $1,337 check from the company’s new bug bounty program. Like Apple, which updated Safari last week, Google beefed up the security of its browser just days before the Pwn2Own browser hacking contest was to kick off in Canada. The update to Chrome fixes six flaws rated “high,” the second-most-severe ranking in Google’s four-step threat system; plugs three “medium” holes; and quashes two “low” bugs. Danish vulnerability tracker Secunia rated the update as “highly critical.” Although Google typically hides technical details of the most serious vulnerabilities when it issues an update — it blocks bug tracker entries to prevent attackers from using the information — all of the 11 bugs are behind the wall this time. Source:

46. March 18, BBC – (International) Spammers survive botnet shutdowns. Spam levels have not been dented by a series of strikes against controllers of networks of hijacked computers. Early 2010 has seen four such networks, or botnets, tackled via arrests, net access cutoffs and by infiltrating command systems. The successes have not inconvenienced hi-tech criminals who found other routes to send spam, say experts. And, they add, despite falling response rates, spam remains too lucrative for criminals to abandon. Source:

47. March 17, IDG News Service – (National) FTC member rips into Google’s privacy efforts. Several major U.S. Internet companies, including Google and Facebook, need to “step up” and better protect consumer privacy or face tougher penalties from the U.S. Federal Trade Commission, a commissioner said on March 17. The commissioner, who is leaving the FTC next month, ripped into Google for the launch of its Buzz social-networking tool in February, and she complained that many other Internet firms, including Facebook and Microsoft, aren’t encrypting the consumer data that lives in their clouds. “I am especially concerned that technology companies are learning harmful lessons from each other’s attempts to push the privacy envelop,” she said during an FTC privacy workshop. “Even the most respected and popular online companies, the ones who claim to respect privacy, continue to launch products where the guiding privacy policy seems to be, ‘Throw it up against the wall and see if it sticks.’” Source:

Communications Sector

48. March 19, – (International) European Commission to improve onboard calling. The European Commission has approved new rules that it said will make it easier for people traveling on ships in its waters to make and receive mobile calls and messages. The EC announced that the rules would harmonize the technical and legal environment for providing such services, while making sure than anyone out at sea had the opportunity to use them. The EU digital agenda commissioner said, “Tens of millions of people who travel and work on ships anywhere in European territorial waters will be able to use their mobile phones without problems of interference as a result of the new rules just adopted by the Commission.” While currently most ships use Picocell transmitters, which connect to satellites for their calls, the EC adopted the proposal that 900 MHz and/or 1800 MHz GSM radio frequencies should also be made available for passengers and workers. Also approved was the suggestion that mobile service providers should be able to provide their services in the territorial waters of countries in which they do not currently have a license to operate. Source:

49. March 18, Computerworld – (National) FCC launches broadband public safety Web page. The Federal Communications Commission on March 18 launched a new “Broadband and Public Safety and Homeland Security” Web page to provide the public with information about a proposed $16 billion national wireless network for emergency responders in the new National Broadband Plan. The site includes links to the FCC’s 360-page National Broadband Plan released on March 16 as well as recent public forums and workshops. One video link shows proceedings from a March 2 public forum in Washington on the creation of an Emergency Response Interoperability Center (ERIC), which under the the National Broad Plan, would oversee technical considerations in creating a nationwide wireless broadband network for use by first responders. Source: