Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, May 18, 2010

Complete DHS Daily Report for May 18, 2010

Daily Report

Top Stories

 The Associated Press reports that Canadian fighter jets escorted a Cathay Pacific airliner coming from Hong Kong to a safe landing in Vancouver International Airport May 15 following a bomb threat, officials said. Royal Canadian Mounted Police said that passengers had been safely taken off the plane and that nothing of concern had been found in the baggage. (See item 30)

30. May 15, Associated Press – (International) Fighter jets escort plane to Vancouver. Canadian fighter jets escorted a Cathay Pacific airliner coming from Hong Kong to a safe landing in Vancouver International Airport May 15 following a bomb threat, officials said. Royal Canadian Mounted Police said that passengers had been safely taken off the plane and that nothing of concern had been found in the baggage. ‘‘This incident is being taken very seriously,’’ a police spokeswoman said. Canadian F-18 Hornet fighter jets intercepted the Airbus A340 with 283 passengers and 14 crew members aboard and flew alongside it until it landed. ‘‘As a precaution, NORAD fighters escorted the aircraft until it landed safely in Vancouver,’’ said North American Aerospace Defense Command spokeswoman. Passengers told CTV News they were not informed of any problems during the flight. One passenger told CTV News the fighters appeared about 80 miles from Vancouver. ‘‘I was scared,’’ he said. ‘‘He was near to our plane, very near to our plane.’’ Source: http://www.nytimes.com/aponline/2010/05/15/world/AP-CN-Canada-Plane-Threat.html?_r=1&partner=rss&emc=rss


 According to eWeek, Google said May 14 it will no longer collect WiFi data after discovering that its Street View cars unwittingly collected personal information from citizens’ networks, a violation of privacy sure to inflame leaders of countries already wary of Google’s data-collection practices. (See item 54 below in the Information Technology Sector)

Details

Banking and Finance Sector

22. May 17, Zacks Equity Research – (National) U.S. bank failures inch to 72. On May 14, four more banks were shuttered by U.S. regulators. The failed banks were based in Georgia, Illinois, Michigan and Missouri. This brings the total number of bank failures to 72 so far in 2010, compared to 140 in 2009, 25 in 2008 and 3 in 2007. Although the economy is showing signs of a gradual recovery with large financial institutions stabilizing, tumbling home prices, soaring loan defaults and a high unemployment rate continue to take their toll on small banks. While many expect the economic recovery to gain momentum soon, there remains lingering concern in the banking industry. Failure of both residential and commercial real estate loans as a result of the credit crisis has primarily hurt banks. As the industry tolerates bad loans made during the credit explosion, the trouble in the banking system goes even deeper, increasing the possibility of more bank failures.â_¨â_¨The failed banks are: Saint Marys, Georgia-based Satilla Community Bank with total assets of $135.7 million and deposits of $134.0 million. Plymouth, Michigan-based New Liberty Bank with about $101.8 million in deposits and $109.1 million in assets. Springfield, Missouri-based Southwest Community Bank with about $102.5 million in deposits and $96.6 million in assets. Elmwood Park, Illinois-based Midwest Bank and Trust Company with total assets of $3.17 billion and deposits of $2.42 billion. Source: http://www.zacks.com/stock/news/34243/U.S.+Bank+Failures+Inch+to+72


23. May 15, San Francisco Chronicle – (California) Man, 55, gets 20 years for Ponzi scheme. A San Francisco tax preparer was sentenced to 20 years in federal prison May 14 for running a 30-year Ponzi scheme that cheated hundreds of investors out of more than $50 million. A district judge granted prosecutors’ request to impose the maximum sentence on the accused man, age 55. She scheduled a hearing July 29 on restitution for his victims, although it is not clear what percentage of their losses they will recover. The man’s lawyer said he used most of the money repaying investors while concealing his scheme from them. The suspect, who lived in San Mateo, owned Irving Bookkeeping and Taxes in the Sunset District. In pleading guilty to mail fraud in October, he admitted that between 1979 and June 2009, he fraudulently promised investors returns of as much as 13 percent on commercial loans. He used money from new investors to make interest payments to other clients, and spent the rest on casino gambling and speculative investments. Source: http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2010/05/14/BA2J1DF3PN.DTL&feed=rss.news


24. May 15, 7th Space Interactive – (California) California man sentenced for role in $61-million Ponzi scheme. An Orange County, California, resident has been sentenced to 121 months in federal prison for participating in a fraudulent investment scheme with an Orange County attorney that took in more than $61 million before it crashed and caused approximately 140 investors to suffer more than $20 million in losses. The accused man, age 63, of Tustin, was sentenced May 14. In addition to the prison term, the judge ordered the suspect to pay $14,525,993 in restitution. On September 28, 2009, the suspect pleaded guilty to wire fraud and mail fraud, admitting that he worked with an Irvine attorney to bilk victims who thought they were investing in public investments in private entities and money-market programs. He and the attorney promised returns of 25 percent to 35 percent every three to four months. In reality, the victims’ money was never invested. They instead used the money to make Ponzi payments to some investors, and to support their lavish lifestyles. Source: http://7thspace.com/headlines/344492/california_man_sentenced_for_role_in_61_million_ponzi_scheme.html


25. May 14, IDG News Service – (International) Ukrainian arrested in India on TJX data-theft charges. A Ukrainian national has been arrested in India in connection with the most notorious hacking incident in U.S. history. He was one of 11 men charged in August 2008 with hacking into nine U.S. retailers and selling tens of millions of credit card numbers. He was arrested in India last week, according to a spokesman with India’s Central Bureau of Investigation (CBI). The CBI said they had arrested him in New Delhi on the night of May 8, as he deplaned from a flight from Goa, for layover before a flight to Turkey. U.S. authorities had asked for his extradition via diplomatic channels. Known online as “Fidel,” the suspect allegedly sold credit card data on an online forum called DumpsMarket, but he was also active on other forums. Source: http://www.itworld.com/security/107774/ukrainian-arrested-india-tjx-data-theft-charges


Information Technology


53. May 17, SC Magazine – (International) Remaining Facebook users warned about ‘sexiest video’. Websense claimed that new malware is making its way across Facebook in messages that purport to contain ‘the sexiest video ever’. When a user clicks on the ‘video’ they are taken to an application installation screen asking them to allow it to access their profile. Once approved, it claims they have to download an updated FLV Player to view the video and promptly sends an EXE to the user. It detected this as the Hotbar Adware that displays ads in one’s browser based on browsing habits, etc. In addition, the Facebook application will post messages on a browsers’ friends wall on the browser’s behalf with the same ‘sexiest video ever’ message. The message has what appears to be a movie thumbnail of a woman on a bicycle wearing a short skirt, and the video’s length is given as 3:17. Source: http://www.scmagazineuk.com/remaining-facebook-users-warned-about-sexiest-video/article/170322/


54. May 16, eWeek – (International) Google Street View accidentally collected user data via WiFi. Google May 14 said it will no longer collect WiFi data after discovering that its Street View cars unwittingly collected personal information from citizens’ networks, a violation of privacy sure to inflame leaders of countries already wary of Google’s data-collection practices. The search engine initially said in April that its Street View cars did not collect data that people share between WiFi networks and computers, although the cars did collect WiFi network names and router addresses. Google learned after conducting a data audit on behalf of the German government that this was incorrect. “It’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks, even though we never used that data in any Google products,” wrote a senior vice president of engineering and research. Payload data can include user e-mails, passwords and Web browsing activity, data the sanctity of which Internet companies such as Google, Yahoo and Microsoft swear to protect. Germany, the United States, Britain and France were among the countries where Google collected this data. Source: http://www.eweek.com/c/a/Search-Engines/Google-Street-View-Accidentally-Violates-User-Privacy-Via-WiFi-290159/


55. May 14, DarkReading – (International) BSA: $51 billion in unlicensed software exacerbates malware problem. The Business Software Alliance (BSA), which represents the commercial software industry and spearheads the effort to stop the spread of unlicensed applications, estimates in its Global Piracy Study 2010 that some $51.4 billion of unlicensed software was distributed in 2009. Aside from the cost to the software industry, the report said the high rate of piracy may be contributing to the spread of malware. The report makes reference to a previous study by International Data Corporation, which revealed that “one in four websites that offered pirated software or counterfeit activation keys attempted to install infectious computer code, like Trojan horses and key loggers, on test computers. Even more striking, 59 percent of the counterfeit software or key generators downloaded from peer-to-peer (P2P) sites contained malicious or unwanted code.” The study also found the cost of recovery from a security incident resulting from pirated software on a PC can cost more than $1,000, often exceeding the cost of legitimate software. Source: http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml?articleID=224800075


56. May 13, Homeland Security NewsWire – (National) Cybersecurity summit pays little attention to control system’s security. Despite threats of infrastructure attacks, scant attention was paid to control systems during a global security conference. As online attacks increase in severity and reach, targeting everyone from Google to the Pentagon, leading security experts and government officials met last week in Dallas at the EastWest Institute’s first annual Cybersecurity Summit. The goal of the conference was to find common solutions to cybercrime and other online attacks, which respect no national boundaries. However, according to an InformationWeek’s reporter, a major issue — for a meeting intended to find global solutions to information security challenges — is the fact that safeguarding control systems against attackers requires a different approach to securing PCs or networks. Windows-based security products will not help. “All the devices that sense things — temperature, pressure, flow, and things like that — are not Windows, those are proprietary, real-time or embedded, and there is no security there.” Furthermore, seemingly rote IT activities, like installing antivirus on a control system, can actually create a denial of service. “Who needs hackers?” he said. Source: http://homelandsecuritynewswire.com/cybersecurity-summit-pays-little-attention-control-systems-security


For another story, see item 57 below in the Communications Sector


Communications Sector

57. May 17, The New New Internet – (International) Crime friendly ISP offline. A cyber crime friendly Internet service provider (ISP) was knocked offline Friday after its upstream provider had its service cut off, according to Zeus Tracker. PROXIEZ-NET, a Russian based ISP that hosted at least 13 known Zeus command and control channels, lost its connection after its upstream provider, DIGERNET, had its Internet connection cut. It was withdrawn from Internet routing tables, according to an AS Report. PROXIEZ-NET has often been accused of being a haven for cyber criminals. It is unclear how this will impact the botnets that utilize PROXIEZ-NET, as previously disrupted servers have merely found new hosts to reconnect with the infected computers they control. Source: http://www.thenewnewinternet.com/2010/05/17/crime-friendly-isp-offline/

58. May 17, Research – (National) One in four U.S. homes now cell-only. One in four U.S. homes is now cellphone-only, according to figures for the second half of 2009. A further 14.9 percent of homes receive all or almost all calls on mobiles, despite having a landline, meaning that 89 million U.S. adults (nearly two in five) are now cell-only or ‘cell-mostly’. “The potential for bias due to undercoverage remains a real and growing threat to surveys conducted only on landline telephones,” said the latest report from the National Center for Health Statistics (NCHS), which conducts continuous research on health-related behaviors, as well as landline and cellphone usage. Many research organizations are beginning to sample cell-only homes alongside landlines, or to use address-based sampling for telephone fieldwork. The number of cell-only homes has risen steadily from less than 3 percent when NCHS first started collecting the data in 2003. The latest figure shows a rise of 4.3 percentage points from the same period in 2008, roughly the same rate at which it rose in the 12 months before that. Source: http://www.research-live.com/news/one-in-four-us-homes-now-cell-only/4002704.article