Tuesday, December 7, 2010

Complete DHS Daily Report for December 7, 2010

Daily Report

Top Stories

• The Fayetteville Observer reported a search warrant charges that a U.S. Navy intelligence specialist stationed at Fort Bragg sold top secret documents to an undercover FBI agent posing as a foreign intelligence officer. (See item 36)

36. December 5, Fayetteville Observer – (National) Espionage investigation centers on Fort Bragg. A U.S. Navy intelligence specialist stationed at Fort Bragg in Fayetteville and Spring Lake, North Carolina, is under investigation for espionage after he sold top secret documents to an undercover FBI agent posing as a foreign intelligence officer, according to a search warrant filed in federal court December 3. A Naval Criminal Investigative Service spokesman (NCIS) said the 22-year-old, of the Naval Reserve, was being held in Norfolk, Virginia. The warrant indicated the suspect sold documents on several occasions staged by investigators at two Spring Lake hotels. According to the search warrant, the suspect met an undercover FBI agent November 15 in the lobby of the Hampton Inn on Bragg Boulevard. Posing as a foreign intelligence officer, the special agent brought the suspect to his room, where the suspect discussed his access to military computer networks and classified networks, the warrant noted. The suspect allegedly said he could be a very valuable source of information over the course of his planned 20-year Navy career. At a meeting the next day at the same hotel, the suspect produced two documents - one labeled “secret” and the other “top secret” and accepted $1,500 in cash, the warrant alleged. He agreed to meet the agent again November 19, when he produced 51 pages of secret and top secret documents, according to the warrant. Source: http://www.thesunnews.com/2010/12/05/1850907/espionage-investigation-centers.html

• According to the St. Petersburg Times, Hillsborough County, Florida law enforcement officials have investigated 13 incidents of people impersonating police officers, often during the commission of other crimes. (See item 40)

40. December 5, St. Petersburg Times – (Florida) Fake police gear ‘scary’ to those who wear badge. Two brothers were killed and four others were critically injured November 26 while they played cards on the front porch in Ruskin, Florida. But what made a horrible crime even more troubling was the clothing authorities said the 39-year-old suspect wore when he opened fire: a black T-shirt or vest, with “SHERIFF” in big letters across the front. If officials decide to add a charge of impersonating an officer, the case will join 13 similar cases in Hillsborough, Florida this year. “It’s scary,” a Hillsborough County Sheriff’s Office spokesman said. Not just for the public, but for deputies, too, he said. “It undermines the validity of a real law enforcement officer.” Wearing law enforcement gear is not illegal. It is only when someone identifies himself or herself as law enforcement or gives an official directive that the action could become a felony. The gear’s mere existence means deputies and police officers must take extra care to ensure citizens believe they are who they say they are. A spokesman brought up a case from less than 3 months ago, when authorities said a man posing as an officer pulled over a woman, handcuffed her and raped her in a nearby parking lot. Source: http://www.tampabay.com/news/publicsafety/fake-police-gear-scary-to-those-who-wear-badge/1138236


Banking and Finance Sector

11. December 6, Associated Press – (National) ‘Operation Broken Trust’ targets financial fraud. A nationwide law enforcement crackdown targeting financial fraud has led to cases against 343 criminal defendants involving $8.3 billion in estimated losses, the U.S. Attorney General announced December 6. “Operation Broken Trust” is the first national effort of its kind aimed at a broad array of investment fraud schemes, and the 3 and one-half month campaign was organized by the Presidential administration’s Financial Fraud Enforcement Task Force. The schemes that were uncovered highlight “the pervasiveness of the threat,” the FBI’s Executive Assistant Director told a news conference. In one case in Texas, an oil and gas investment Ponzi scheme defrauded 7,700 investors of more than $485 million. In another case, in Chicago, Illinois, the operator of a Ponzi scheme victimized elderly Italian immigrants and hundreds of others after promising them annual returns of 10 to 15 percent. Source: http://www.washingtonpost.com/wp-dyn/content/article/2010/12/06/AR2010120602898.html?hpid=moreheadlines

12. December 4, KSAZ 10 Phoenix – (Arizona) Armed man robs Mesa bank. Mesa, Arizona police and the FBI are looking for a brazen bank robber. Police said the man caught in surveillance photos from Chase Bank at Gilbert and McKellips pointed a gun at a teller November 30. He then handed her a notebook and demanded money, police said. The robber was described as white, in his 30s, about 5 feet 9 inches to 6 feet tall, with a medium build and no hair. He was last seen wearing gray-framed sunglasses; a plaid, fleece-lined hooded jacket, a light blue shirt, and dark pants. Source: http://www.myfoxphoenix.com/dpp/news/crime/armed-man-robs-mesa-bank-12042010

13. December 4, Buffalo News – (New York) Big spender indicted in plan to fool investors. His neighbors in Hamburg, New York, knew the suspect of a financial fraud scheme was a big spender last year, when he bought two homes for a total of $6.3 million, plus a Hummer, a Corvette, two Land Rovers, and a Mercedes Benz — all at the age of 22. But where did the money come from? He stole it from customers of his investment firm, according to federal prosecutors, who charged the suspect December 3 with wire fraud, money-laundering, and conspiracy. “Our indictment alleges that (the suspect) attempted to defraud investors out of more than $8 million between June 2008 and July 2009,” the U.S. attorney said. “When all this started, he was just 21-years-old.” As part of what authorities called a highly sophisticated scheme, the suspect attracted wealthy investors by offering high returns on sophisticated investments, such as “private trust leveraging agreements.” According to court papers, the suspect was such a slippery character that some investors did not know his real name. Source: http://www.buffalonews.com/city/police-courts/courts/article273733.ece

14. December 4, Federal Bureau of Investigation – (California) Third person charged in foreclosure rescue scheme that involved $725 million in mortgages. With a new criminal case being filed December 4 in Los Angeles, California, federal authorities have now charged three defendants for their roles in a foreclosure rescue scam that promised the owners of hundreds of distressed properties that they could indefinitely postpone foreclosure sales. A 74-year-old male of Los Angeles was charged December 4 in U.S. district court with two counts of bankruptcy fraud. In a plea agreement also filed December 4, the suspect admitted his role in the scheme that filed fraudulent bankruptcies to delay foreclosures on more than 1,400 properties that had outstanding loans totaling nearly three-quarters of a billion dollars. As a result of the scheme, which continued through July, numerous lenders lost interest payments on the mortgages for up to 3 years, and the suspect and his associates collected nearly $550,000 in fees from homeowners. Source: http://7thspace.com/headlines/365918/third_person_charged_in_foreclosure_rescue_scheme_that_involved_725_million_in_mortgages.html

15. December 3, Wichita Eagle – (Kansas) 3 men charged in Equity Bank robbery. Three Wichita, Kansas men face federal charges stemming from the December 1 robbery of the Equity Bank. The U.S. Attorney said December 3 his office has charged the three male suspects with bank robbery. The three also face one count of brandishing firearms during the robbery. According to an FBI affidavit filed in U.S. District Court: Three men entered the bank at 555 N. Webb Road just after 10:30 a.m. December 1. Two of the robbers pointed guns at employees. One man covered the lobby, while the other two jumped the counter and removed cash from teller drawers. The gunmen also took money from the bank vault, then fled in a stolen Chevrolet Tahoe, an FBI Special Agent said in a sworn statement to the court. Source: http://www.kansas.com/2010/12/03/1616867/3-men-charged-in-equity-bank-robbery.html

Information Technology

44. December 6, New York Observer – (International) Growing pains: Tumblr’s kittens have been down all night. The increasingly popular blogging service Tumblr, based in New York, had been unavailable since about 6 p.m. December 5. The outage brought down the blogs of various media organizations, including The Observer, as well as the status pages where Twitter and Foursquare communicate with users about their downtime. Tumblr went down because of a scheduled maintenance that “went haywire,” the Tumblr founder told TechCrunch, forcing the engineers to take down a critical database cluster. Tumblr has been manually rebuilding the cluster all night and the service will be up soon, he said. Source: http://www.observer.com/2010/daily-transom/growing-pains-tumblrs-kittens-have-been-down-all-night

45. December 6, ComputerWorld UK – (International) Many malware attacks triggered by USB devices. One in every eight malware attacks occurs via a USB device, often targeting the Windows AutoRun function, according to Czech security vendor Avast Software. The company reported that of the 700,000 recorded attacks on computers in the Avast user community during the last week of October, 13.5 percent came via USB devices such as flash drives. AutoRun alerts computer users when a new device is connected and helps them choose which application should run the new files. “AutoRun is a really useful tool, but it is also a way to spread more than two-thirds of current malware,” said an Avast virus analyst. Cybercriminals are taking advantage of people who use USB flash drives to share large files with friends or transfer files at their workplaces, he said. Infected USB devices — which can include portable gaming units, digital cameras, mobile phones, or MP3 players — start executable files that invite a wide array of malware into host computers. The incoming malware copies itself into Windows and can replicate itself each time the computer is started. Avast urged users not to boot up PCs that already have USB devices attached, because the malware will load before some antivirus programs do. Source: http://www.computerworld.com/s/article/352998/USB_Devices_Guilty_in_Many_Malware_Attacks

46. December 6, The Register – (International) Alleged Russian spam-lord hauled into US court. A Russian who allegedly at one time ran a network of compromised machines responsible for a third of global spam appeared in federal court in Wisconsin December 3 to deny the charges. The 23-year-old resident of Moscow faces charges that he forged e-mail spam messages in violation of the U.S. CAN-SPAM Act, following his arrest at the Bellagio Hotel in Las Vegas, Nevada in November. Prosecutors alleged the Russian was responsible for pumping out a staggering 10 billion spam messages per day, touting pills and counterfeit goods using the infamous Mega-D botnet network. The suspect entered a not guilty plea. He was denied bail after prosecutors successfully arguing he presented a flight risk if released. The prosecution is taking place in Wisconsin because local agents there bought a specimen purchase of Viagra through a Canadian Pharmacy operation allegedly promoted by the suspect’s junk mails, the Associated Press reports. The pills unsurprisingly turned out to be counterfeit. Source: http://www.theregister.co.uk/2010/12/06/mega_d_botmaster_charges/

47. December 6, The Register – (International) Anonymous attacks PayPal in ‘Operation Avenge Assange’. Anonymous has launched a broad-ranging campaign in support of WikiLeaks, starting with a DDoS assault on a PayPal Web site. The denial of service attack lasted for 8 hours and resulted in numerous service disruptions, Panda Security reports. The group, spawned from anarchic message board 4chan, first came to prominence with a long running campaign against the Church of Scientology, its beef with the Hubbard faithful centering on their attempts to censor content from the net. PayPal’s decision to stop processing donations for WikiLeaks following its controversial publication of U.S. diplomatic cables as well as the withdrawal of hosting services by Amazon are seen on 4chan and elsewhere as attempts to censor the whistle-blowing site, a development Anonymous intends to oppose. Source: http://www.theregister.co.uk/2010/12/06/anonymous_launches_pro_wikileaks_campaign/

48. December 6, New New Internet – (National) Study: No hacking needed when modern spies steal corporate data. A new study reveals two-thirds of employees expose sensitive data outside the workplace, some even revealing highly confidential information such as customer credit card and Social Security numbers. Conducted by People Security, the Visual Data Breach Risk Assessment Study also found most companies lack policies or measures to safeguard sensitive information from computer screen snooping when employees are working outside of their offices. 70 percent of the 800 respondents said their company had no explicit policy on working in public places, and 79 percent reported no company policy on the use of privacy filters to prevent visual data breaches. With the increase of mobile workers carrying confidential data with them outside the office, snooping is no longer a harmless hobby and may represent a weak link in corporate data security practices, said the chief security strategist of People Security. More than half of survey respondents are aware of the security issues of using their laptops for work purposes outside their place of employment. 57 percent said they have stopped working on their laptops because of privacy concerns in a public place, and 70 percent said they would be more productive in public places if they thought no one else could see their screen. Source: http://www.thenewnewinternet.com/2010/12/06/study-no-hacking-needed-when-modern-spies-steal-corporate-data/

49. December 4, Federal Bureau of Investigation – (Texas; National) Texas man pleads guilty to computer hacking charges. A United States attorney announced that in Midland, Texas, a 37-year-old Andrews, Texas man faces up to 10 years in federal prison after pleading guilty to illegally accessing his former employer’s computer database and deleting files. Appearing before a United States Magistrate Judge December 3, the suspect pleaded guilty to a charge of one count of computer fraud. By pleading guilty, the suspect admitted that on September 1, 2010, he illegally gained access to the computer system of Gray Wireline, Inc., and deleted approximately 68 files, including analysis reports on oil and natural gas wells in Odessa, Levelland, Denver City, and Andrews, Texas. As a result, Gray Wireline estimates that it had to spend approximately $16,000 to correct and remedy the damage. Source: http://7thspace.com/headlines/365913/texas_man_pleads_guilty_to_computer_hacking_charges.html

50. December 3, eSecurity Planet – (International) Holiday Twitter topics concealing malware. Hackers have been extremely busy devising new Twitter-based campaigns using popular — but bogus — holiday topics to help distribute malware through the popular microblogging site. A quick click on the shortened URLs embedded in several thousand tweets with holiday-themed titles, such as “Nobody Cares About Hanukkah” or “Shocking Video of the Grinch,” can infect a user’s PC or mobile device with malware that is then shared among other followers in short order. Just like a garden variety Black Hat SEO campaign, hackers flood the Twitterverse with tweets on popular or timely topics and then sit back and wait for unsuspecting victims to retweet themselves into a malware-induced malaise. On December 2 alone, PandaLabs researchers said they identified more than 300 Twitter accounts that were specifically targeting various trending topics on the site. Cyber crooks are using anything related to the holidays as enticing lures to get people to infect their mobile devices and PCs. This year, scams offering free Apple iPads have been especially prevalent. But hackers are not limiting their devious campaigns to reindeer and dancing elves. Hot topics ranging from the Sundance Film Festival, the World AIDS Day campaign, and anything related to an actor’s botched speech calling for the U.S. to host either the 2018 or 2022 World Cup soccer tournament, return thousands of malicious tweets with truncated URLs. Source: http://www.esecurityplanet.com/trends/article.php/3915636/Holiday-Twitter-Topics-Concealing-Malware.htm

Communications Sector

51. December 6, CNN – (National) Comcast customers in Midwest experience internet service outage. For the second time in a week, Comcast customers found themselves offline — this time, in the Midwest. On December 5, Internet service outages affected Illinois, Minnesota, Indiana, and Michigan, according to a Twitter account for Comcast customer service. At about 1 a.m. December 6, a Comcast spokesman tweeted, “Everyone should be just about back online, if not should be very shortly.” Last weekend, customers on the East Coast also experienced outages. The disruption affected the Boston and Washington, D.C., areas, a Comcast spokesman said. Source: http://www.cnn.com/2010/US/12/06/comcast.outage/

52. December 6, IDG News Service – (International) RIM to give Indian government access to BlackBerry Messenger. Research In Motion has agreed to provide the Indian government with access to BlackBerry Messenger communications on a case-by-case basis, according to a spokesman for the company in India. The company will, however, only allow the government “lawful access” to these communications after following due legal process, rather than providing continuous access to the messages, the spokesman said. The Indian government said December 3 that its security agencies are still not able to intercept and monitor in a readable format the communications made through RIM’s Messenger and enterprise services. The government believes terrorists are increasingly using mobile and online communications to plan attacks. The government expects to have access to BlackBerry Messenger communications by the end of January 2011, India’s Home Secretary told the Wall Street Journal. A resolution to India’s demand for access to corporate e-mail on BlackBerry Enterprise Server has, however, not been found. The Indian government is working on getting access to these communications from RIM’s corporate customers.

Source: http://www.computerworld.com/s/article/9199778/RIM_to_give_Indian_government_access_to_BlackBerry_Messenger

53. December 4, Lincoln Journal Star – (Nebraska) Windstream voicemail down across the state. Windstream customers in Nebraska may not have been able to access their voicemail December 4. The telephone company reported voicemail outage across the entire state. The company was in the process of upgrading voicemail systems, which caused the outage. A Windstream representative, said service was restored December 4. About 2,000 mailboxes were deleted in the process, but they will be restored, he said. Source: http://journalstar.com/news/local/article_af11005e-4ef7-5833-b291-12b744045fac.html