Thursday, March 17, 2011

Complete DHS Daily Report for March 17, 2011

Daily Report

Top Stories

• WXIA reports an armored car courier was shot to death in a robbery in Atlanta, Georgia, the seventh such robbery committed by the same crew, officials said. (See item 21)

21. March 15, WXIA 11 Atlanta – (Georgia) Courier killed in Toco Hills armored car robbery. An armored car courier was shot to death during a robbery in front of a Kroger store in the Toco Hills Shopping Center in Atlanta, Georgia, just after noon March 15. FBI investigators said the Garda Armored Car courier was walking back to his truck when a gunman walked up and shot him three times. The gunman then grabbed an undisclosed amount of money, hopped in a car and fled the scene in a car police said had been carjacked in Snellville March 14. The courier was taken to Grady Memorial Hospital in Atlanta, where he later died. Garda is offering a $100,000 reward for information leading to the conviction of those responsible for the robbery. Investigators said surveillance video relating to the incident would not be released because of its graphic nature. “There was no provocation, there was no mercy,” an FBI Special Agent said. The FBI said it was the seventh time the same violent robbing crew has targeted armored car couriers. “They fire on these guards without any provocation, I think that is paramount,” the Agent said. Source: http://www.11alive.com/news/local/story.aspx?storyid=182763&catid=3

• According to CNN, the U.S. military has blocked access to a range of popular commercialWeb sites to free up bandwidth for use in Japan earthquake recovery efforts. See item 58 below in the Communications Sector

Details

Banking and Finance Sector

20. March 15, GovInfoSecurity.com – (National) IRS financial systems vulnerable to insider threats. The Internal Revenue Service has been inconsistent in implementing IT security controls to prevent, limit, and detect unauthorized access to its financial systems and information, making them vulnerable to malicious insiders, government auditors said March 15. The IRS failed to restrict sufficiently users’ access to databases to only the access needed to perform their jobs; secure the system employed to support and manage its computer access request, approval, and review processes; update database software residing on servers that support its general ledger system; and enable certain auditing features on databases supporting several key systems, according to a Government Accountability Office (GAO) report. In addition, GAO said, 65 of 88, or nearly three quarters of previously reported weaknesses, remain unresolved or unmitigated. GAO said the IRS has not fully implemented key components of its comprehensive information security program. Although IRS has processes in place intended to monitor and assess its internal controls, auditors said, these processes were not always effective. Source: http://www.govinfosecurity.com/articles.php?art_id=3431

21. March 15, WXIA 11 Atlanta – (Georgia) Courier killed in Toco Hills armored car robbery. An armored car courier was shot to death during a robbery in front of a Kroger store in the Toco Hills Shopping Center in Atlanta, Georgia, just after noon March 15. FBI investigators said the Garda Armored Car courier was walking back to his truck when a gunman walked up and shot him three times. The gunman then grabbed an undisclosed amount of money, hopped in a car and fled the scene in a car police said had been carjacked in Snellville March 14. The courier was taken to Grady Memorial Hospital in Atlanta, where he later died. Garda is offering a $100,000 reward for information leading to the conviction of those responsible for the robbery. Investigators said surveillance video relating to the incident would not be released because of its graphic nature. “There was no provocation, there was no mercy,” an FBI Special Agent said. The FBI said it was the seventh time the same violent robbing crew has targeted armored car couriers. “They fire on these guards without any provocation, I think that is paramount,” the Agent said. Source: http://www.11alive.com/news/local/story.aspx?storyid=182763&catid=3

22. March 15, WEWS 5 Cleveland – (Ohio) Two charged with robbing Twinsburg bank, more robberies under investigation. Two men suspected in multiple bank robberies in Northern Ohio were arrested and charged March 15. The two were charged with one count each of federal bank robbery. The Key Bank on East Aurora Road in Twinsburg was robbed March 14. According to a release from the FBI, a man passed the teller a demand note. After receiving cash, he fled the bank and got away in car waiting outside. A witness to the robbery called 911, and reported the vehicle’s location and description. The FBI said Oakwood Village police followed the car during a high-speed chase, until it crashed in Garfield Heights. The FBI said the duo are suspects in bank robberies across Cuyahoga, Summit and Lake counties, including one the week of March 7 in North Olmsted. These other robberies remain under investigation. One of the perpetrators was set to appear in federal court March 15, while the second man remains hospitalized at MetroHealth Medical Center. Source: http://www.newsnet5.com/dpp/news/local_news/cleveland_metro/Two-charged-with-robbing-Twinsburg-bank-more-robberies-under-investigation

23. March 15, WSBTV 2 Atlanta – (National) Security guard foils fake credit card ring. A security staffer at a retail store helped break up an interstate crime ring that used counterfeit credit cards from Georgia to Ohio, police said. Three men were arrested after a loss-prevention manager at a Meijer store in Lexington, Kentucky reported they were acting strangely while buying iPods. The men are believed to be Chinese citizens who have used faked credit cards in at least five states, a Lexington police spokeswoman said. Lexington police were called by the Meijer employee March 11, she said. The employee gave police a description of the men and their car, and the car was stopped and police found iPods and 86 fake credit cards, police said. According to court records, the men also had $5,200 worth of phone cards, and at least $4,700. The men were charged with 86 counts of criminal possession of a forged instrument and one count each of false making or embossing of a credit card, and receiving goods by fraud under $10,000. It appeared the men flew to Atlanta from California and drove north along Interstate 75, using the cards in Georgia, Ohio, and Indiana, police said. Source: http://www.wsbtv.com/news/27203362/detail.html

24. March 15, Las Vegas Review-Journal – (National; International) Man guilty of securities fraud sentenced to prison, ordered to repay $23.5 million. A former Clark County, Nevada man who stole more than $26 million through mining and real estate investment scams was sentenced March 15 to more than 6 years in federal prison and ordered to pay his victims $23.5 million in restitution. The man created a number of false business fronts from 2001 through 2007, then “told investors that he and his companies were engaged in exploring and developing a series of lucrative mining claims in Peru, Guyana, California and Nevada,” according to a statement from a U.S. Attorney. The stocks he sold were worthless because the mining projects never existed, the statement said. The man reportedly purchased a 6,000-square-foot home in Lake Las Vegas, and several luxury automobiles, according to the U.S. Attorney’s office. All of those assets were seized by the government. The man reportedly told investors in North America and the Middle East he needed their money to fund a water delivery system for an Arizona real estate project. That development, like the mines, was a product of his imagination. According to the U.S. Attorney, he used the ill-gotten gains from the real estate scam to pay his mortgage, make “lavish” home improvements and pay for a riding stable. The judge found the defendant was “delusional and not generally remorseful.” Source: http://www.lvrj.com/news/man-guilty-of-securities-fraud-sentenced-to-prison-ordered-to-repay-23-5-million-118047039.html?ref=039

25. March 9, San Jose Mercury News – (California) Police crack credit card skimming scam in Mountain View, Los Altos. Authorities thwarted a sophisticated scheme to capture the credit card numbers of gas station patrons in Mountain View and Los Altos, California, the Santa Clara County District Attorney’s Office announced March 8. Skimming devices allegedly installed inside gas station pumps by 2 men collected more than 3,600 credit card numbers. However, police arrested the Glendale, California duo before they could retrieve the information. The men face charges including conspiracy, altering a computer, and acquiring credit card information with the intent to defraud, according to the district attorney’s office. An attendant at a gas station in Mountain View first called police December 6, after opening up a pump to investigate an error message. Inside, the attendant found a small device attached to a circuit board. Mountain View police then set up an alarm system to signal officers when the pump was reopened. On December 17, the duo set off the alarm and were arrested. Police searched the duo’s van and found keys that opened the gas pump and notes with addresses, which led police to other stations. In Mountain View, credit card skimmers were found at four stations in addition to one found at a Chevron in Los Altos. Source: http://www.mercurynews.com/breaking-news/ci_17569451?nclick_check=1

Information Technology

52. March 16, Help Net Security – (International) LotusCMS multiple vulnerabilities. A weakness and multiple vulnerabilities have been discovered in LotusCMS, which can be exploited by malicious users to disclose sensitive information and compromise a vulnerable system, and by malicious people to conduct cross-site scripting and request forgery attacks, disclose sensitive information, and compromise a vulnerable system, according to Secunia. Successful exploitation of this vulnerability requires that “magic_quotes_gpc” is disabled. The vulnerabilities are confirmed in version 3.0.3. Other versions may also be affected. Source: http://www.net-security.org/secworld.php?id=10748

53. March 16, The Register – (International) RIM tells users of bloodied BlackBerry to disable JavaScript. Research in Motion (RIM) has suggested BlackBerry users disable JavaScript to protect themselves against a critical vulnerability that allows attackers to remotely execute malicious code and access confidential data stored on the phone. The recommendation issued March 14 came 4 days after contestants in an annual hacking competition exposed a serious security vulnerability in a fully patched BlackBerry Torch 9800. By exploiting a bug in the phone’s Web browser, they were able to write a file to its storage system and steal a complete list of contacts and a cache of pictures stored on the device. “Users of BlackBerry Device Software version 6.0 and later can disable the use of JavaScript in the BlackBerry Browser to prevent exploitation of the vulnerability,” RIM said in the advisory. “The issue is not in JavaScript but the use of JavaScript is necessary to exploit the vulnerability.” Source: http://www.theregister.co.uk/2011/03/16/blackberry_security_advisory/

54. March 16, H Security – (International) Twitter adds ‘Always use HTTPS’ option. The Twitter micro-blogging service has added a new setting that allows users to always use HTTPS when accessing Twitter.com, sending secure data transmissions via SSL, not only during log-in, but also for its other pages. This means that even cookies are now transmitted in encrypted form and can no longer be read and exploited for fraudulent activities by attackers using such tools as the Firesheep extension for Firefox. Source: http://www.h-online.com/security/news/item/Twitter-adds-Always-use-HTTPS-option-1209032.html

55. March 15, Computerworld Hong Kong – (International) Quake damages plants of Fujitsu and Canon. The 8.9 magnitude earthquake in Japan the week of March 6 damaged six plants of the Fujitsu Group and several facilities of Canon. Four of the Fujitsu Group plants with building and equipment damage are in the Fukushima Prefecture plagued by nuclear plant blasts after the quake, while the other two are in the Iwate Prefecture and the Miyagi Prefecture, according to the vendor in a statement March 14. These plants are respective facilities of Fujitsu Semiconductor, Fujitsu Semiconductor Technology, Fujitsu Integrated Microtechnology, and Fujitsu Isotec. Canon reported March 13 severe damage at Fukushima Canon and the Utsunomiya Office that houses an optics R&D center and two plants. While there are 15 cases of injury at the Utsunomiya Office, production at offices and plants in the hard-hit northern Honshu area has been suspended until further notice, the company noted. Companies including Sony and Panasonic also announced suspension at some of their plants earlier. Source: http://www.computerworld.com/s/article/9214640/Quake_damages_plants_of_Fujitsu_and_Canon

56. March 15, IDG News Service – (International) Intel targets security in the cloud with McAfee. Intel March 15 said it will use assets acquired from McAfee to provide cloud security services to protect the growing number of mobile devices that face malware and cyberattack threats. Intel will first offer security products through software and services and later offer security features via hardware, with a heavy focus on providing cloud security services, said the senior vice president and general manager at Intel’s Software and Services Group. He also said mobile devices such as tablets and smartphones are increasingly vulnerable to malware and cyberattacks. Intel wants to design security management capabilities into hardware that activate features on mobile devices to communicate in real time with cloud-based consoles and provide security capabilities such as tackling malware, authenticating users, and verifying Internet Protocol addresses or Web sites, he said. Source: http://www.computerworld.com/s/article/9214607/Intel_targets_security_in_the_cloud_with_McAfee

57. March 15, Beverly Hills Courier – (California) Monterey Park chemical leak prompts hazardous materials response. A chemical leak March 15 at a computer chip manufacturing company in Monterey Park, California, prompted a hazardous-materials response, but no one was hurt, authorities said. The problem was reported at about 3:30 a.m. at Kotura Inc., the Monterey Park fire captain said. He stated firefighters determined the leak involve hydrogen bromide and ammonia, which are used in the manufacturing process. A part of the commercial complex was isolated while crews worked to handle the problem, he said. There were no evacuations, but people were kept away from the area. By 7:30 a.m., the all-clear was given, but Kotura remained closed while an investigation was conducted. Source: http://www.bhcourier.com/article/Local_News/Local_News/Monterey_Park_Chemical_Leak_Prompts_Hazardous_Materials_Response/75118

Communications Sector

58. March 16, CNN – (International) U.S. military blocks websites to help Japan recovery efforts. The U.S. military has blocked access to a range of popular commercial Web sites in order to free up bandwidth for use in Japan recovery efforts, according to an e-mail obtained by CNN and confirmed by a spokesman for U.S. Strategic Command. The sites — including YouTube, ESPN, Amazon, eBay and MTV — were chosen not because of the content, but because their popularity among users of military computers account for significant bandwidth, according to Strategic Command spokesman. The block, instituted March 14, is intended “to make sure bandwidth was available in Japan for military operations” as the United States helps in the aftermath of the March 11 deadly earthquake and tsunami, the spokesman explained. U.S. Pacific Command made the request to free up the bandwidth. The sites, 13 in all, are blocked across the Department of Defense’s .mil computer system. “This is a response to a time of extreme demand for networks,” The spokesman said. He emphasized that it was a temporary measure. “This blockage will be of a temporary nature and may increase or decrease in the size and scope as necessary,” according to the message distributed to military announcing the move. “We are doing this to facilitate the recovery efforts under way in Japan,” The spokesman explained. “We are trying to make sure we are giving them as many avenues and as much support as we can.” Source: http://www.cnn.com/2011/US/03/15/us.military.websites/index.html

Wednesday, March 16, 2011

Complete DHS Daily Report for March 16, 2011

Daily Report

Top Stories

 Associated Press reported dangerous levels of radiation leaked from the Fukushima Dai-ichi nuclear plant in Japan after an explosion and a fire, after which authorities ordered 140,000 people to seal themselves indoors March 15. (See item 8)

8. March 15, Associated Press – (International) Radiation level soars after Japan nuke plant fire. Dangerous levels of radiation leaking from the Fukushima Dai-ichi nuclear plant forced Japan to order 140,000 people to seal themselves indoors March 15 after an explosion and a fire at the plant along the country‘s northeastern coast. In a nationally televised statement, the Japanese prime minister said radiation had spread from the four stricken reactors. Japanese officials told the International Atomic Energy Agency the reactor fire was in a fuel storage pond and ―radioactivity is being released directly into the atmosphere.‖ After the fire was extinguished, a Japanese official said the pool might still be boiling, though the reported levels of radiation had dropped dramatically by the end of the day. That reactor, Unit 4, had been shut down before the quake for maintenance. Experts noted much of the leaking radiation was apparently in steam from boiling water. It had not been emitted directly by fuel rods, which would be far more virulent, they said. Less clear were the results of the blast in Unit 2, near a suppression pool, which removes heat under a reactor vessel, said plant owner Tokyo Electric Power Co. The nuclear core was not damaged but the bottom of the surrounding container may have been, said a spokesman for Japan‘s nuclear safety agency. On March 15, the complex was hit by its third explosion since March 11, and then a fire in a separate reactor. Some 70,000 people had already been evacuated from a 12-mile radius from the Dai-ichi complex. Source: http://www.google.com/hostednews/ap/article/ALeqM5gNOeRzCW105oyzi8VrtqR938MH6g?docId=193d394f40c2464191e6595bf37c1e10

 Computerworld reported March 14 that scammers are leveraging Japan‘s earthquake and tsunami disasters to spread multiple-style Internet scams at record speed. See item 39 below in the Information Technology Sector

Details

Banking and Finance Sector

12. March 14, Reuters – (California) Bomb house suspect pleads guilty to bank robbery. An unemployed computer software engineer originally from Serbia and living in Escondido, California, faces up to 30 years in federal prison after pleading guilty to two counts of brandishing a firearm in the commission of a robbery March 14. As part of the plea deal, federal prosecutors agreed to dismiss five other charges against the man, including one count of possessing explosive devices and one count of illegally manufacturing explosives. But he admitted in court to possessing explosives and the materials to make them, as well as to committing two additional bank robberies, while verifying the plea agreement before a U.S. district judge. Federal investigators said they uncovered evidence linking the man to the robberies after the rented house he shared with his spouse was found stuffed with high explosives, bomb-making chemicals, homemade grenades, guns, and ammunition mixed with paper and other debris piled floor to ceiling. Source: http://www.reuters.com/article/2011/03/15/us-bombhouse-robbery-idUSTRE72E0NP20110315

13. March 14, Bloomberg News – (National) Former mortgage executive pleads guilty in TARP fraud. The former president of Taylor, Bean & Whitaker Mortgage pleaded guilty March 14 in an Alexandria, Virginia, court in connection with a $1.9 billion fraud that included trying to deceive the federal bank bailout program. The 45 year-old Atlanta resident admitted to one count of conspiracy to commit wire fraud, bank fraud, and securities fraud and one count of making false statements. He agreed to cooperate with prosecutors‘ investigation of the company. Federal prosecutors filed a criminal case against the man before a U.S. district judge a week prior to his guilty plea. The former executive faces a maximum of 5 years in prison on each count, plus a fine of as much as $500,000 and full restitution to victims, according to prosecutors. Two other Taylor Bean executives, including its former chairman were charged previously in the scheme by covering up shortfalls at the company. Taylor Bean was once the largest non-depository mortgage lender in the United States, the Securities and Exchange Commission said in a statement. Source: http://www.nytimes.com/2011/03/15/business/15mortgage.html?src=busln

14. March 14, WJXT 4 Jacksonville – (Florida) 15 charged in tri-county mortgage fraud. Eleven people were arrested March 14 and 4 others are still being sought in connection with a mortgage fraud case that spanned Flagler, Volusia, and Lake counties in Florida. The case involved 23 homes and resulted in more than $9 million in losses. Investigators said those arrested were charged with one count of criminal racketeering and one count of conspiracy to commit racketeering, both first-degree felonies. The 2-year investigation, named ―Operation Fast Cash Kickback,‖ focused on a complex scheme involving home buyers, realtors, appraisers, and mortgage brokers, investigators said. They said the suspects artificially raised home prices, falsified appraisals, and pocketed large amounts of cash by facilitating a series of fraudulent home sales. The scam involved using straw buyers to purchase a home, investigators said. They said the straw buyer‘s realtor then asked the seller to raise the price of the home in order for the difference to be provided back to the straw buyer for renovations. Investigators said the appraiser would then inflate the price of the home to meet the contract sales price. At closing, a designated third party individual or shell company received the proceeds for renovations, which ranged from $25,000 to $320,000 for each sale, investigators said. They said the third party recipient then returned a majority of the money back to the straw buyer via check or wire transfer. No renovations were ever conducted on the homes, and each of the properties foreclosed a short time after the sale. Source: http://www.news4jax.com/news/27191298/detail.html

Information Technology

33. March 15, H Security – (International) Adobe warns of zero day vulnerability in Flash and Reader. Adobe has reported that an unpatched vulnerability in its Adobe Flash Player can be exploited to inject and execute malicious code. The vulnerability has reportedly been used for targeted attacks in which victims, rather than being lured to a crafted Web page, were sent infected Excel files via e-mail. These contained a crafted Small Wave Format (SWF) file which ran in Flash Player when the Excel file was opened. Version 10.x for Windows, Mac OS X, Linux and Android, and the embedded Flash plug-in for Chrome, are all reportedly affected. Versions 10.x and 9.x of Adobe Reader and Acrobat for Windows and Mac are also vulnerable, as they contain the same bug in their integrated authplay.dll Flash engine. In at least the Windows edition of version 10 (aka X) the bug cannot be exploited to compromise a system. The sandbox function prevents malicious code from accessing the operating system, blocking attackers from installing malware. No attacks on Adobe Reader have been observed. Source: http://www.h-online.com/security/news/item/Adobe-warns-of-zero-day-vulnerability-in-Flash-and-Reader-1208184.html

34. March 15, Help Net Security – (International) Complexity as the leading security issue. Research from Check Point and the Ponemon Institute shows organizations struggle with a growing set of security priorities and limited employee awareness about corporate policies. According to the survey of over 2,400 IT security administrators around the world, managing complex security environments is the most significant challenge facing organizations today, with over 55 percent of companies using more than seven different vendors to secure their network. According to the survey, over 700 respondents believe the primary concern with emerging technology adoption is compliance. With the proliferation of cloud computing, mobility, Web 2.0, and file sharing applications, organizations often struggle to apply the appropriate levels of security across all layers of the network, while also adhering to stringent compliance requirements. While emerging technologies have created new methods of communication and collaboration for enterprises, organizations struggle with managing multifaceted IT environments; this often contributes to greater security complexity and the risk of data loss by employees. Source: http://www.net-security.org/secworld.php?id=10743

35. March 14, H Security – (International) Pwn2Own 2011: Google patches hole in Chrome. Google has released an update for the Windows, Linux, and Mac OS X versions of its browser. The update closes a hole in WebKit that was originally exploited in Blackberry devices –- because, like the Blackberry browser, Chrome and Safari are also based on WebKit. The hole has yet to be closed in BlackBerry, Safari, Mobile Safari, Android, and other WebKit-based products. Source: http://www.h-online.com/security/news/item/Pwn2Own-2011-Google-patches-hole-in-Chrome-1207231.html

36. March 14, threatpost – (International) Scammers pushing fake AV via Skype. According to a new report from Krebsonsecurity.com, groups responsible for pushing fake anti-malware programs are using Internet-based phone calls over the Skype network to trick unsuspecting users into downloading their fraudulent software. Skype users are reporting they are getting automatic calls from vendors pushing rogue anti-virus. The scam is not unlike an unwanted telemarketer call, with users asked to follow instructions given by the mechanized call. Those who fall for the ruse find themselves hit with a ubiquitous scareware page, warning them that their computer is infected and advising them to erase the threats from their computer. After clicking through the warning, users are sent to a ―shopping cart‖ which convinces them to purchase their ―professional online repair service.‖ Previously spammers have used Skype to peddle their malware via online notifications, while larger projects, like spam campaigns and worms, have become more commonplace with the software. Source: http://threatpost.com/en_us/blogs/scammers-pushing-fake-av-skype-031411

37. March 14, The Register – (International) Windows 7 customers hit by service pack 1 install ‘fatal error’ flaws. A brace of ―fatal errors‖ is hampering Windows 7-based computers that have been updated with Microsoft‘s first service pack for its current operating system. Since Windows 7 SP1 was released late in February, many users have been complaining on forums about problems with the install of the update package. Similarly, The Register has heard from many upset readers who are wasting time rebuilding their machines after the service pack had led to fatal flaws in the OS. ―Basically, if you have an OEM machine connected to a server running WSUS [Windows Server Update Services] with the default settings it offers and installs SP1 automatically. This is killing machines and stopping them booting with a C00000034 fatal error,‖ said one reader. Separately, Windows 7 punters applying the SP1 update package have stumbled into a reboot looping glitch after encountering: ―Error C000009A applying update operation 120782 of 367890.‖ A Microsoft employee confessed March 14 that the firm had yet to discover the cause of the errors. Source: http://www.theregister.co.uk/2011/03/14/microsoft_windows_7_sp1_fatal_error/

38. March 14, Dallas Morning News – (International) Texas Instruments plant in Japan will be idle for months because of earthquake. Texas Instruments Inc. said March 14 that damage at one of its chip plants in Japan is so severe that it will return to full production no sooner than mid-July. The Dallas, Texas-based semiconductor maker said the Miho plant made products that accounted for about 10 percent of total sales in 2010, and the shutdown will reduce first- and second-quarter financial results. The company said it has identified alternate manufacturing sites for about 60 percent of Miho‘s production, which consisted of analog and DLP chips for a variety of high-tech devices. The company said the return to normal production could be delayed further if the power grid is not repaired or other complications arise. The Miho plant is about 40 miles northwest of Tokyo. Texas Instruments said the infrastructure that delivers chemicals, water, and other materials to the plant was damaged, and about 60 percent of the chips under construction when the earthquake hit were destroyed. The extent of the harm to manufacturing equipment will not be known until power is fully restored. Source: http://www.dallasnews.com/business/technology/headlines/20110314-texas-instruments-plant-in-japan-will-be-idle-for-months-because-of-earthquake.ece

39. March 14, Computerworld – (International) Criminals kick off Japanese disaster scams at record speed. Criminals have jumped on Japan‘s twin earthquake and tsunami disasters at record speed, security experts said March 14. Scams range from links to fake anti-virus downloads and phony donation sites to classic online swindles that rely on greed. ―What‘s surprising this time is how quickly they picked up on the news,‖ said a security researcher with U.K.-based Sophos. ―We knew [scams] were coming, but they started appearing in record-breaking time, less than 3 hours after the earthquake.‖ Facebook has been used by cyber-crooks to collect information when users click on a link posing as CNN video footage of the tsunami, said Sophos. Scammers are also flooding e-mail inboxes with messages asking recipients to donate money to relief efforts, said a Symantec researcher. Another Symantec researcher noted that other scams have appeared taking advantage of news of the earthquake and tsunami. ―Symantec has observed a classic 419 message targeting the Japanese disaster,‖ said the researcher. ―The message is a bogus ‗next of kin‘ story that purports to settle millions of dollars owing to an earthquake and tsunami victim.‖ Crooks have also registered a large number of domains with URLs that may fool users into thinking that they are legitimate donation or relief sites, he said, a tactic that can also push those sites higher on search results. Source: http://www.computerworld.com/s/article/9214518/Criminals_kick_off_Japanese_disaster_scams_at_record_speed

Communications Sector

40. March 14, Associated Press – (International) Pentagon blocks workers’ access to Japan videos to free bandwidth. The Pentagon‘s Cyber Command has shut down Defense Department workers‘ access to popular streaming video Web sites including YouTube, Amazon, and Googlevideo, Associated Press reported March 14. Officials say the tremendous demand to see the Japan earthquake is eating up bandwidth already weakened by Internet problems in that part of the world. Cyber Command has directed the Defense Information Systems Agency to temporarily restrict access to the Web sites. Most employees see the message ―Website Blocked‖ in bright red letters when they go to one of the sites. Cyber Command says the restrictions are no reflection on the Web sites. The command says the sites have been blocked at the request of U.S. Pacific Command to help meet the needs of the military because its networks and circuits in the region are facing extreme demands. Source: http://hosted2.ap.org/apdefault/54828a5e8d9d48b7ba8b94ba38a9ef22/Article_2011-03-14-Pentagon-Websites/id-2a4bf06a43104049a4e1f0dd3fdd8b74