Friday, March 18, 2011

Complete DHS Daily Report for March 18, 2011

Daily Report

Top Stories

• Associated Press reports a natural gas line exploded in Minneapolis, Minnesota, March 17, scorching many vehicles, shutting down highways, and forcing the evacuation of many homes and businesses. (See item 1)

1. March 17, Associated Press – (Minnesota) Fiery explosion forces evacuations in south Minneapolis. A natural gas line exploded in Minneapolis, Minnesota, March 17, sending flames shooting high into the sky, scorching nearby vehicles and forcing authorities to temporarily evacuate nearby residents. The assistant fire chief said the gas has been shut off, and that there are no known injuries. The initial blast around 8:30 a.m. left a large hole in the road in front of a Cub Foods supermarket near the interchange of Interstate 35W and Minnesota 62. Cars in the parking lot were scorched in the blast. The assistant chief said a second explosion rocked the area a little later. The flames died after authorities shut off the gas line at about 10:30 a.m. Gas levels in the air had reached 80 parts per million but are back down to zero, the assistant chief said. A major trunk gas line for that section of Minneapolis exploded, and state pipeline safety officials are on the scene, according to a spokeswoman for CenterPoint Energy. She said it was too early to determine the cause. An apartment complex, day care and church near the scene were evacuated, and people inside the grocery store were told to leave through the back. One school was evacuated and put on lockdown. School officials planned to keep students indoors for the rest of the day. By late morning people were being allowed to return to everywhere but the immediate area around the supermarket. Source:

• According to the Indianapolis Star, a former lawyer was arrested March 16 on charges he masterminded a fraud that bilked thousands of Ohio families out of more than $200 million. See item 14 below in the Banking and Finance Sector


Banking and Finance Sector

14. March 17, Indianapolis Star – (Indiana; Ohio) Durham is charged in $200 million fraud. Twenty years after he left a top Indianapolis, Indiana law firm on his quest to become the richest man in the world, a lawyer was arrested at his Los Angeles, California-area home on charges that he masterminded a fraud that bilked thousands of Ohio families out of more than $200 million. Federal prosecutors announced the charges March 16 in Indianapolis, much to the relief of residents across Ohio stung by the implosion last year of Fair Financial, a small finance company authorities said the three men looted to support a lavish lifestyle. The lawyer and two co-conspirators each were charged March 15 on 12 separate counts of conspiracy and wire and securities fraud related to the operation of the finance company in Akron, Ohio. Securities and Exchange Commission regulators weighed in as well, filing a civil lawsuit March 16. It contends two of the men used loans from Fair “to pay their daily living expenses and to support lavish personal lifestyles.” Splashy FBI raids in November 2009 shut down Fair Financial and the lawyer’s main investment firm, Obsidian Enterprises in Indianapolis. Source:|head

15. March 17, New York Post – (New York) 4 busted in ATM-card $kim scam. Four scam artists have been busted on charges of skimming debit-card info at a pair of banks in Queens, New York — and putting the data on Starbucks and Century 21 gift cards they programmed to work at ATMs, the New York Post has learned. They allegedly made $30,000 in purchases before they were busted. The four accused in the plot managed to set up skimmers at ATM machines in two Chase banks in Astoria, authorities said. They allegedly used the information they obtained to program the gift cards to function as ATM cards — and withdrew cash at Chase branches in Manhattan March 12, cops said. Two of the accused pilfered $6,000 at an East 23rd Street branch before bank officials were alerted to a suspicious pattern of transactions, authorities said. Cops nabbed the duo and recovered 18 fraudulent gift cards. The other two members of the group, who had 78 bogus gift cards, allegedly stole $24,000 from accounts at a Midtown Chase branch. Source:

16. March 17, Detroit Free Press – (National) Clinton Township finance firm accused in connection with $45-million Ponzi scheme. A Clinton Township, Michigan, firm, Cash Flow Financial, is accused of taking part in a $45-million Ponzi scheme that bilked more than 600 clients, according to a complaint filed the week of March 14 in U.S. District Court for the Eastern District of Michigan. The U.S. Commodity Futures Trading Commission (CFTC), which filed the complaint, claims that two men linked to Cash Flow fraudulently solicited and accepted money as part of a commodity pool to trade futures contracts and securities. None of the defendants has ever been registered with CFTC. The commission alleges the two men falsely represented the commodity pool was profitable. The complaint said the pair failed to disclose material facts from at least November 2007 through the present, and had solicited money through monthly conference calls and Webinars. The complaint also said one of the men, who controls day-to-day operation of the pool, misappropriated money for his family’s expenses. Source:

17. March 16, Denver Post – (National) ‘Ho-Hum Bandit’ strikes again in Edgewater. A man suspected of being “The Ho Hum Bandit,” a multi-state serial bank robber, has a growing reputation after the robbery of an Edgewater, Colorado, bank just after noon March 16. The robber with a laid back demeanor has also robbed banks in San Diego and Los Angeles in California, Cheyenne, Wyoming, Seattle, Washington, and the Denver metro area, the FBI office in Denver said March 16. Banks in Southern California pooled together a $15,000 reward after a dozen robberies there last summer. The suspect is described as white, in his early 30s, about 5 feet, 5 inches tall and weighs about 150 pounds. Authorities said he asked for money from a teller at the Chase Bank branch at 1705 Sheridan Boulevard. Source:

18. March 16, Wall Street Journal – (New York) Man charged with using fake bomb in real heists. A Long Island, New York man was charged March 16 with committing bank robberies over the summer in which he strapped a fake bomb to his body. The 59-year-old man was charged with twice robbing the Chase Bank on Sunrise Highway in West Babylon and holding up the HSBC Bank on Walt Whitman Road in Huntington Station. In those robberies, which occurred in July and August of 2010, the robber wore simulated explosive devices beneath a dress suit, police said. Suffolk County police also charged the man, a resident of West Babylon, with a fourth robbery August 10 at the HSBC Bank in Commack iwhere the robber did not claim to have a bomb. Police in Nassau County arrested the man in September and charged him for a bank robbery there. The accused robber was awaiting arraignment the evening of March 16. According to prison records, he was paroled on a robbery case on May 26, 2010. Source:

19. March 16, Connecticut Post – (National) FBI busts $465,000 credit card scam. Federal investigators arrested and indicted a former Bridgeport, Connecticut resident who they say orchestrated a scam in which foreign nationals applied for and received credit cards on which they charged up to $465,000 worth of goods before leaving the country with the banks holding the tab. A federal grand jury March 16 indicted the man the FBI said headed the operation that recruited Arab nationals. The man faces a charge of conspiring to commit wire fraud and the reputed head is under arrest and facing seven charges of wire fraud. An affidavit filed by the FBI Special Agent claims he was paid $5,000 to come to Connecticut from Florida to oversee the ring. He helped recruit Arab nationals to apply for credit cards, run the cards to their maximum, pay off a portion with fraudulent checks and then apply for larger credit lines. The credit cards were used to buy merchandise as well as gamble at the Mohegan Sun Casino. A $26,000 car was purchased at a Rye, New York dealership. At some point, the cards were maxed out and the individuals left the area and in some cases, the country. One participant had 64 different cards on which $238,000 was drawn. Among the victims were American Express, Bank of America, Chase, and People’s Bank. Source:

Information Technology

47. March 17, IDG News Service – (International) Taiwan expects multiple impacts on tech from Japan quake. Taiwan’s economic ministry expects its semiconductor and display panel industries to take a hit from the earthquake in Japan the week of March 6 as supplies were suspended due to factory damage or transportation snarls. Local display-panel giants AU Optronics and Chimei-Innolux will see “a rather large impact” if Hitachi Chemical slows production of anisotropic conductive film, an epoxy that binds chips to glass or circuit boards, the ministry’s industrial development bureau said in a report March 16. Hitachi provides about 50 percent of the world’s supplies of the film. Semiconductor makers in Taiwan face a “fight to get raw materials” as 50 percent of the world’s silicon wafer stock comes from two Japanese firms, Shin-Etsu and Sumco Corp., both affected by the earthquake, the bureau’s report said. “In terms of the ripple effect on the majority of our country’s industries, it should come from flat screens, semiconductors and solar panels as they use of a lot of upstream materials and key components,” the report said. The ministry did not give a timeline for possible quake impacts or estimate how much they would end up costing local tech firms in Taiwan, which builds components and contracts to make PCs for the world’s top brands. A lead tech researcher with Bank of America Merrill Lynch said March 16 the supply chain would take as long as 6 months to return to normal. Source:

48. March 17, Reuters – (International) Toshiba LCD plant out for a month; Lenovo frets about supplies. Toshiba Corp. said an assembly line in Japan making small liquid crystal displays (LCDs) would be closed for a month and PC maker Lenovo voiced worries over parts, highlighting the threat to global supply chains from Japan’s devastating earthquake, Reuters reported March 17. Hitachi Ltd. also said production of small LCDs will be halted at its factory near Tokyo for a month as it deals with damage and power outages. Toshiba’s assembly line at a plant near Tokyo making LCDs for smartphones and other devices will be closed to repair sensitive equipment knocked out of alignment by the quake, a Toshiba spokeswoman said March 17. The Toshiba plant supplies the mobile phone industry and auto makers for navigation displays, and its two factories including the one still operating account for about 5 percent of the global small LCD display market, an analyst at Macquarie Capital Securities in Japan said. Source:

49. March 17, The Register – (International) Spam levels plummet as Rustock botnet taken down... for now. Spam volumes shrank March 16 after the Rustock botnet fell silent, reportedly as a result of a takedown action. Rustock, which is made up of a network of compromised (malware-infected) Windows PCs, turns an illicit income for its unknown controllers by being the biggest single source of global spam. The botnet is particularly active in advertising unlicensed net pharmacies. A security blogger suggested the respite of spam from Rustock is the possible result of a takedown action against the zombie network’s command and control system. “Dozens of internet servers used to coordinate these spam campaigns ceased operating, apparently almost simultaneously,” he wrote. “Such an action suggests that anti-spam activists have succeeded in executing possibly the largest botnet takedown in the history of the internet.” Details of who took this action are unclear at present, though security firms were able to confirm the security researcher is correct in attributing a sharp drop in spam levels to the shut-down (at least temporarily) of Rustock. The Rustock botnet is made up of an estimated 815,000 compromised Windows PCs, controlled via a network of about 26 servers. Source:

50. March 16, Computerworld – (International) Google first to patch Flash bug with Chrome update. Google updated Chrome March 15, patching a flaw in the browser’s copy of Flash Player. Users of Internet Explorer, Firefox, Safari, and Opera will not receive a Flash update from Adobe until the week of March 21. Adobe announced March 14 attackers are exploiting an unpatched, or “zero-day,” vulnerability in Flash Player using malicious Microsoft Excel documents attached to e-mail messages. Adobe said it would patch Flash Player for Windows, Mac OS X, and Linux sometime the week of March 21. Google pushed a Chrome update to users running the stable and beta builds of the browser March 16. “This release contains an updated version of the Adobe Flash player,” a Chrome program manager said March 15. After updating Chrome to version 10.0.648.134, the browser reports it is running Flash Player, a step up from the bundled with the last update of the browser. Source:

51. March 16, Help Net Security – (International) 73,000 malware strains created daily in 2011. The number of threats in circulation during 2011 has risen in comparison to 2010. In the first 3 months of 2011, PandaLabs identified an average of 73,000 new malware strains, most of which were trojans. Moreover, there was a 26 percent increase of new threats compared to the same period in 2010. While PandaLabs observed a quarter-over-quarter increase of new malware in 2010, the rise was not nearly as notable as the one experienced over the last several quarters. Trojans remain the most popular type of threat to computer systems, and now account for 70 percent of all new malware. This is because it can be incredibly lucrative for cybercriminals to commit fraud or steal money from Internet users through the online banking channel. Taking a look further at the subtypes of malware, PandaLabs found banker trojans have decreased, bots have remained steady, and fake anti-virus or rogueware has decreased in popularity. However, the number of “downloaders” has increased significantly. Source:

52. March 16, The Register – (International) Microsoft malware removal tool takes out public enemy no. 4. Microsoft the week of March 13 used its Malicious Software Removal Tool to take out Win32/Renocide, the fourth-biggest threat in automated program’s history, which dates back to at least 2005. The malware is a backdoor-enabled worm that spreads through removable drives, network shares, and popular file-sharing applications. Once installed, it drops copies of itself on all removable drives, possibly by randomizing the file names. It also spreads by scanning machines on an infected computer’s local network and pasting a copy of a file called autorun.inf, which many versions of Windows automatically execute when the drive is attached. Renocide also plants copies of itself in shared folders of file-sharing applications and cleverly disguises them as titles of popular games and apps currently shared on popular torrent sites. Source:

Communications Sector

53. March 17, Associated Press – (West Virginia) Cable theft disrupts phone service in Chapmanville area; Frontier establishes tip line. Frontier Communications said a recent cable theft caused telephone outages for about 300 customers March 17. The utility’s general manager in Logan, West Virginia, said Frontier immediately sent technicians to restore service after the outage the week of March 7 in the Chapmanville area. Frontier utility’s general manager told the Logan Banner that cable theft has become a serious problem in the region and is viewed as a threat to public safety because it could prevent people from contacting fire departments, police, and ambulance services. Frontier has established a hot line for people to report cable thefts. Source:

54. March 15, – (International) Expedia outage went global, included as Japan quake shook. On March 11, as large parts of the world were glued to the Internet or television sets as events in Japan unfolded in real-time, Expedia and sister site were having some pretty serious performance issues. Local versions for almost every Expedia site, except the U.S. version, including the United Kingdom, Australia, Canada, and Germany were down for around 90 minutes to 2 hours. The same was true for some sites. At the time, some Expedia officials said privately that traffic spikes may have caused the problem, but it soon became clear the outages were part of a wider issue. It turns out that an update to the system did not go according to plan, and customers were not able to access home pages. No other details have been given for the outage, although it is not believed to have been caused by the events which took place off the coast of Japan. An official said, “The support teams have worked to fix this issue and we are confident that this has been resolved.” Source:

For another story, see item 48 above in Information Technology