Thursday, November 18, 2010

Complete DHS Daily Report for November 18, 2010

Daily Report

Top Stories

• The Federal Deposit Insurance Corp. (FDIC) is conducting about 50 criminal investigations of former executives, directors, and employees at U.S. banks that have failed since the start of the financial crisis, according to the Wall Street Journal. (See item 17)

• The New York City subway system is ill-prepared for a mass evacuation in the case of a fire, explosion, or terrorist attack, according to a whistleblower lawsuit filed in federal court, the New York Post reports. (See item 26)

26. November 16, New York Post – (New York) New York subways not prepared for a mass evacuation, bombshell lawsuit claims. The New York City subway system is ill-prepared for a mass evacuation in the case of a fire, explosion, or terrorist attack, and a judge needs to command the Metropolitan Transportation Authority (MTA) to fix the “very dangerous and potentially lethal” conditions, according to a whistleblower lawsuit filed by a 25-year MTA veteran in Brooklyn federal court November 17. In August 2007, the former superintendent in the division of station operations told his bosses that the “anti-crime” gates — which make it possible to close off alternate entrances and exits to subway stations during certain times of the day — were open, but not padlocked open. That meant someone could enter the station, close the gates, and lock them, creating “a very dangerous and potentially lethal event in an emergency situation,” like an explosion, bomb threat, or chemical or biological attack, the suit said. The former superintendent also claimed the MTA provided him with too few chains and padlocks for the gates, and when transit bosses took a survey of how many were unsecured, “the actual safety conditions in the field were being underreported in the survey.” Source: http://www.nypost.com/p/news/local/brooklyn/subways_not_prepared_for_mass_evacuation_UMwjMQHWM5b0PN0BtnIEJP

Details

Banking and Finance Sector

17. November 17, Wall Street Journal – (National) U.S. sets 50 bank probes. The Federal Deposit Insurance Corp. (FDIC) is conducting about 50 criminal investigations of former executives, directors, and employees at U.S. banks that have failed since the start of the financial crisis. The agency responsible for dealing with bank failures is stepping up its effort to punish alleged recklessness, fraud, and other criminal behavior, as U.S. officials did in the wake of the savings-and-loan crisis a generation ago. More than 300 banks and savings institutions have failed since the start of 2008, but just a few have led to criminal charges being filed against bank officials. In an interview, the deputy inspector general at the FDIC, which works with the FBI to investigate crime at financial institutions, said the probes involve failed banks of all sizes in cities across the United States. The FDIC is also ramping up civil claims to recover money from former bankers at busted lenders. Source: http://online.wsj.com/article/SB10001424052748703628204575619000289073686.html

18. November 17, WLS 890 AM Chicago – (Indiana) Feds: ‘Swine Flu’ bank robber was B of A employee. The “Swine Flu Bandit” was a Bank of America employee, federal prosecutors said November 16. The suspect, whose father is a hired killer and mother is a Chicago, Illinois cop, was nabbed by the FBI November 10 as he peered through a Chicago bank window. The suspect was armed with a handgun and matched the description of the Swine Flu Bandit, a suspect in nine bank holdups where the robber wore a mask and said he was suffering from swine flu, according to the FBI. The robber pointed a gun and threatened to kill a bank employee in at least one heist, prosecutors said. The suspect, whose back was injured in a car wreck, was on leave from Bank of America in Seattle, Washington. He previously worked for Chase Bank in Chicago, officials said. The suspect, 28, is charged in the November 6 robbery of a Chase branch at 550 S. Dearborn. He relied on his banking know-how in his holdups, prosecutors said. The FBI found $224,000 inside a safe in a South Side home where the suspect was staying, officials said. Source: http://www.wlsam.com/Article.asp?id=2024566&spid

19. November 16, WFAA 8 Dallas-Fort Worth – (Texas) Dallas police shoot suspected bank robber. Dallas, Texas police wounded an armed suspect in a shootout near the Wells Fargo bank branch at LBJ Freeway and Coit Road November 16. Police said the man arrived at the bank in a taxicab around 2 p.m. He was armed with what appeared to be two weapons. The man exited the bank a few minutes later and got back into the cab, but he did not get far. “Around the corner, he tried to exit the cab and flee on foot, at which time officers converged on the cab and on the suspect,” said Dallas police. “The suspect attempted to hide.” Two officers spotted the man near the Crazy Buffet restaurant and drew their weapons. Detectives said they saw the suspect pull out what appeared to be a 9mm gun. There was an exchange of gunfire. Police later determined that the suspect’s pistol was not what it appeared. The suspect was taken to the hospital and is expected to recover. Source: http://www.wfaa.com/news/local/Police-shoot-suspected-bank-robber-108491879.html

20. November 15, Media Newswire – (National) Principal of A&O Entities pleads guilty to his role in $100 million fraud scheme involving life settlements. A 36-year-old male, of Houston, Texas, pleaded guilty November 15 in U.S. District Court in Richmond, Virginia, to conspiracy charges in connection with his role as a principal of the A&O entities, a group of businesses that acquired and marketed over $100 million of investments in life settlements to more than 800 victims across the United States and Canada, announced the U.S. Attorney of the Eastern District of Virginia and the assistant attorney general of the criminal division. The suspect pleaded guilty to a two-count criminal information alleging conspiracy to commit mail fraud and conspiracy to commit money laundering involving losses to investors of more than $50 million. At sentencing, he faces a maximum penalty of 5 years in prison and a $250,000 fine on each count. According to court documents, the suspect admitted to making material misrepresentations and omissions to investors about A&O. Specifically, he admitted making false statements and omissions about A&O’s safekeeping and use of investor funds and about the risks of A&O’s investment offerings. The suspect also admitted that he and his co-conspirators failed to inform A&O investors that the vast majority of investor money was used for purposes wholly unrelated to purchasing and maintaining portfolios of life settlements. Source: http://media-newswire.com/release_1133559.html

21. November 12, KPTV 12 Portland – (Oregon) Reward offered in bank fraud investigation. The FBI and Wells Fargo bank are offering a reward to help track down a former bank manager in Coos Bay, Oregon, accused of taking up to $1.2 million from customers. They are offering a $10,000 reward for information leading to the arrest of a female suspect. FBI agents and police raided her home in October as part of an investigation into allegations she stole from accounts at a Wells Fargo branch in Coos Bay. The FBI said the suspect worked for the bank from August 2006 to August 2010. The suspect was fired when Wells Fargo discovered she had opened bank accounts for customers without their knowledge to get commissions for the new accounts. A federal judge issued an arrest warrant for the suspect October 27 based on charges of identity theft, aggravated identity theft, credit card fraud, wire fraud, bank fraud, and money laundering. Investigators have asked for the public’s assistance in locating her. Source: http://www.kptv.com/news/25779065/detail.html

Information Technology

55. November 17, The Register – (International) Hackers hop onto royal engagement search results. Knaves, scoundrels and others took only minutes to leap onto November 16’s news of the engagement of a prince of England in a bid to expose surfers to malware. Links to malicious sites appeared prominently in Google searches for the prince’s fiancée. Malicious downloads are offered to surfers under the guise of a Firefox update, as explained in a blog post by GFI Software. Net security firm Websense adds that prince-themed search terms have also been poisoned, in many cases to redirect surfers to sites touting rogue anti-virus (scareware). Websense recently reported that 22.4 percent of all searches for current news lead to malicious search results, a figure that probably increases for the biggest stories such as the royal wedding engagement announcement. Source: http://www.theregister.co.uk/2010/11/17/royal_engagement_malware/

56. November 16, KSL 5 Salt Lake City – (Utah) Changing password may help curb computer virus. A computer virus plaguing inboxes the week of November 15 appears to be affecting Web-based e-mail accounts. The fix might be as simple as changing a password. The virus can be caught through spam that erroneously looks like it is from the user. It is sent to people the user knows. The subject line is blank and the body of the e-mail contains no text, just an e-mail link. It is invasive, bothersome, and mysterious, and believed to be affecting thousands of people in Utah. The e-mail administrator at Internet Service Provider XMission investigated and found a common link in Web-based e-mail accounts such as Hotmail, Yahoo, and Gmail. In most cases that XMission checked, passwords may have been hacked, allowing access to e-mail address books. Changing passwords appears to be an important, yet simple fix. XMission’s vice president of operations said some of the problems have been fixed for providers, but not all. “This is fairly typical to what is happening all the time. Just follow best practices, good passwords, anti-virus software,” he said. Experts said it is wise to have a good password in general — a mix of letters and numbers, at least eight characters long, and not found in the dictionary. Source: http://www.ksl.com/?nid=148&sid=13301520

57. November 16, Computerworld – (International) Adobe patches under-attack Reader bug. Adobe November 16 issued an emergency update for its popular Reader PDF software that patched two critical vulnerabilities, including one attackers have exploited for weeks. The more notable flaw fixed in Reader 9.4.1 for Windows and Mac OS X was a bug that hackers have been leveraging since late October using malicious PDF documents. Those attacks have taken advantage of a flaw in Reader’s “authplay” component. Authplay is the interpreter that renders Flash content embedded within PDF files. Successful attacks have dropped a Trojan horse and other malware on victimized Windows PCs. The second vulnerability addressed November 16 was disclosed on the Full Disclosure security mailing list earlier this month. At the time, Adobe said the flaw could be used to crash Reader, but not Acrobat, and said it was unsure whether an exploit could compromise a computer running the PDF program. Only the Windows and Mac versions of Reader and Acrobat were patched November 16. An updated Reader for Linux/Unix will not ship until November 30. Adobe also postponed a patch for the older Adobe 8.x, which is vulnerable to the second bug. Neither bug affected the Android version of Reader Adobe launched in August. Adobe Reader and Acrobat for Windows and Mac OS X can be downloaded using the links included in November 16’s advisory. Alternately, users can call up the programs’ built-in update mechanisms to grab the new versions. Source: http://www.computerworld.com/s/article/9196818/Adobe_patches_under_attack_Reader_bug

58. November 16, IDG News Service – (National) Man charged with stealing secrets from wireless company Sirf. A San Ramon, California, man is facing charges he stole valuable technology from his former employer in hopes of building competitive location-aware products. The suspect was arrested November 16, on charges he stole trade secrets from Sirf Technology, a San Jose, California, maker of Global Positioning System chipsets, used by wireless location-aware programs in devices such as mobile phones and automobile navigation systems. A noted expert on location aware technology, he had been a director of software development before resigning from Sirf in May 2009. He had been with the company for 7 years. According to prosecutors, the suspect set up a company called Anywhere Logic “in order to develop and sell location-based services utilizing trade secrets stolen from Sirf.” He allegedly hired two Sirf engineers away from Sirf to work at Anywhere Logic. They have also been charged in the case, but are now living in China. The suspect was indicted by a grand jury November 10, but the indictment was sealed until he was arrested. He could face a 10-year sentence if convicted of the charges. He was released on a $500,000 bond after making his first court appearance at the U.S. District Court for the Northern District of California in San Jose, November 16. Sirf was acquired by the U.K.’s Cambridge Silicon Radio, a maker of Bluetooth and wireless chipsets, in 2009. Source: http://www.computerworld.com/s/article/9196878/Man_charged_with_stealing_secrets_from_wireless_company_Sirf

59. November 16, Computerworld – (International) Hackers, spammers will target Facebook Messages, say experts. Facebook’s revamped Messages will be a very attractive target for spammers, scammers, and malware makers, security experts said November 16. Facebook countered, saying that it has implemented new measures to protect users, including third-party anti-spam filtering of inbound e-mail. On November 15, Facebook unveiled its new Messages, which adds e-mail to the ways members can communicate with friends. An all-in-one inbox collects Facebook messages, instant messages, text messages, and e-mail into a single view. The addition of e-mail means that spammers and scammers have yet another way to reach users, said a senior security adviser at antivirus vendor Sophos. The security adviser compared Facebook’s history of combating spam with Google’s Gmail, and gave the thumbs up to the latter. “In Gmail, it’s not impossible to spam, but it’s difficult ... Gmail does a pretty damn good job of protecting users.” In a reply to questions, a Facebook spokesman said the company has contracted with a third-party vendor to “supplement our spam detection and protection for messages sent from e-mail addresses off of Facebook.” Source: http://www.computerworld.com/s/article/9196828/Hackers_spammers_will_target_Facebook_Messages_say_experts

60. November 16, SC Magazine UK – (International) Symantec claims breakthrough in understanding on how Stuxnet operates and what its targets are. The Stuxnet worm requires the industrial control system to have frequency converter drives from at least one of two specific vendors. According to a Symantec representative, new research that was published late the week of November 8 established that Stuxnet searches for frequency converter drives made by Fararo Paya of Iran, and Vacon of Finland. He said: “The new key findings are that Stuxnet requires particular frequency converter drives from specific vendors, some of which may not be procurable in certain countries. Stuxnet requires the frequency converter drives to be operating at very high speeds. While frequency converter drives are used in many industrial control applications, these speeds are used only in a limited number of applications. Stuxnet also changes the output frequencies and thus the speed of the motors for short intervals over periods of months. Interfering with the speed of the motors sabotages the normal operation of the industrial control process. Symantec’s new detection therefore determined that once operation at those frequencies occurs for a period of time, Stuxnet then hijacks the PLC code and begins modifying the behavior of the frequency converter drives. In addition to other parameters, over a period of months, Stuxnet changes the output frequency for short periods of time to 1,410Hz and then to 2Hz and then to 1,064Hz. Modification of the output frequency essentially sabotages the automation system from operating properly,” he said. Source: http://www.scmagazineuk.com/symantec-claims-breakthrough-in-understanding-on-how-stuxnet-operates-and-what-its-targets-are/article/190903/

61. November 16, Reuters – (National) U.S. sees huge cyber threat in the future. The United States faces a major threat in the future from cyber technologies that will require civil-military coordination to shield networks from attack, the U.S. Defense Secretary said November 16. “I think there is a huge future threat. And there is a considerable current threat,” he told The Wall Street Journal CEO Council. The Defense Department (DoD) estimated that more than 100 foreign intelligence organizations have attempted to break into U.S. networks. Every year, hackers also steal enough data from U.S. government agencies, businesses, and universities to fill the U.S. Library of Congress many times over, officials said. The Secretary said the U.S. military had made considerable progress protecting its own sites and was working with private-sector partners “to bring them under that umbrella.” But how to allow Pentagon know-how to be applied to protecting domestic infrastructure can be tricky for legal reasons, including fear of violating civil liberties. “The key is the only defense that the United States has against nation-states and other potential threats in the cyber-world is the National Security Agency,” he said, referring to the super-secretive DoD arm that shields national security information and networks, and intercepts foreign communications. Last month, the Presidential Administration announced steps to allow greater cooperation between the NSA and DHS. Source: http://www.reuters.com/article/idUSTRE6AF4UX20101116

Communications Sector

62. November 17, AOL News – (National) Emergency broadcast system coming to cell phones. The communications company Alcatel-Lucent announced November 16 that it is creating a Broadcast Message Center that will allow government agencies to send cell phone users specific information in the event of a local, state, or national emergency. It will be similar to the TV alerts in that the text messages will be geographically targeted for areas where a tornado alert or major road closure, for example, is in effect. The Broadcast Message Center is designed to help mobile phone companies comply with new federal rules outlined in the Federal Communication Commission’s (FCC) Commercial Mobile Alert System, the Urgent Communications journal reported. Under the new system, all phones would receive emergency alerts directly from the U.S. government about terrorist attacks or natural disasters, but users can opt out of receiving local warnings about weather, traffic accidents, or Amber Alerts. The system has already been tested in California and Florida, and is expected to be up and running in compliance with FCC guidelines by April 2012. Source: http://www.aolnews.com/nation/article/emergency-broadcast-system-coming-to-cell-phones/19721588

63. November 16, KSL 5 Salt Lake City – (Utah) Copper wire thieves knocked out fiber optic cable. Thousands of customers in Northern Utah had their telephone and Internet service restored after thieves attempted to steal 1,000 feet of copper cable, but got fiber optic cable instead. Someone snuck through a hole in a fence near 1400 West and 200 South November 15, then lifted heavy iron lids to get to a series of cables, which carry telephone and Internet to Tooele, western Utah and northeastern Nevada. The thieves cut the line from one vault, and pulled 1,000 feet of cable out of another several blocks away. They left it there, apparently disappointed to find fiber optic rather than copper, which draws a pretty penny on the black market. It took nearly 24 hours for Beehive Telephone’s crews to string the cable back through the line and repair the damage, and cost an estimated $20,000. Source: http://www.ksl.com/?nid=148&sid=13301386

64. November 16, Talladega Daily Home – (Alabama) AT&T service problems continue in Talladega County. Dropped calls and delayed text messages have plagued Talladega County, Alabama AT&T customers for the past few months, resulting in numerous phone calls to customer service and numerous attempts by AT&T to pacify them. Complaints range from customers receiving 6-day-old text messages all at once, to elation that their cell phone actually rang that day. But the consensus complaint among most disgruntled customers is AT&T’s inability to secure a date and time when service will improve. Customers have heard that their service woes would be taken care of in October, and early November, and now the date heard around the county is November 20. The main source of the poor reception in Talladega County is what an AT&T customer service representative refers to as a degraded tower. “From our maps here, we have a tower down 10 miles from Talladega,” she said. She said the outage started September 27 and the planned restoration for that degraded tower will be by November 20. Source: http://www.dailyhome.com/view/full_story/10340064/article-AT-T-service-problems-continue-in-Talladega-County?instance=home_lead_story