Tuesday, March 22, 2011

Complete DHS Daily Report for March 22, 2011

Daily Report

Top Stories

• United Press International reports the FBI said a suspicious package left March 18 near a federal building in Detroit, Michigan that houses several agencies, contained explosive components. (See item 43)

43. March 19, United Press International – (Michigan) FBI investigating suspicious package. The FBI said it is trying to determine if a suspicious package left March 18 near the McNamara Federal Building — home of the FBI — in Detroit, Michigan, was a bomb. The Detroit Bomb Squad detonated the package March 18 on Belle Isle and FBI agents were trying to determine its contents, The Detroit News reported March 19. An FBI special agent stopped short of saying the package was a bomb, but said “explosive components” were found … the investigation is ongoing.” The device was discovered in a dumpster near the federal building, prompting police to close the area. A bomb squad officer wearing protective clothing removed the metal box. It was the second suspicious package found in Detroit in a week. The high rise in downtown Detroit also houses offices of the Internal Revenue Service, the U.S. Army Corps of Engineers, the Social Security Administration, and other government agencies. Source: http://www.upi.com/Top_News/US/2011/03/19/FBI-investigating-suspicious-package/UPI-28191300554979/

• According to Associated Press, a steak knife-wielding man, who gained access through an employee entrance, held police and security guards at bay for nearly an hour just before a basketball game at Staples Center arena in Los Angeles, California. (See item 58)

58. March 20, Associated Press – (California) Man with knife arrested in Staples Center standoff. A steak knife-wielding man held police and security guards at bay for nearly an hour at the Staples Center in Los Angeles, California, in a bizarre scene that played out just before the Los Angeles Clippers hosted the Cleveland Cavaliers in a National Basketball Association game March 19, authorities said. The center’s general manager said the man entered the venue through an employee entrance. He said security officers tried to block him, but the man was brandishing the blade. The man ran to the arena floor, where he was met by 25 security staffers who surrounded him until police arrived. The Staples Center general manager said the man made no demands nor offered a motive for his actions. Police detained him after he made a move toward a tunnel leading off the court. Source: http://abcnews.go.com/Sports/wireStory?id=13175183


Banking and Finance Sector

16. March 21, Reuters Legal – (National) Federal Reserve opponent convicted for circulating fake money. A North Carolina man who led a group opposed to federal monetary institutions was convicted for creating and distributing a counterfeit currency that was very similar to the real dollar, a U.S. Attorney said March 21. The man accused in the case minted Liberty Dollar coins and bills in the value of $7 million with the goal of competing with the official currency. He claimed the Liberty Dollar was inflation proof and that it was redeemable for gold and silver. The conviction concludes an investigation started in 2005. The coins looked similar to official American currency, carrying the dollar sign and the words dollar, USA, Liberty, and Trust in God. Liberty Dollars were so widespread the U.S. Mint and the Department of Justice issued a release in September 2006, warning consumers the money was fake. Under a 2009 indictment, the man and others were charged with conspiracy to defraud the United States, and under provisions of the federal code that address currency swindles. The suspect has been associated with organizations that question the legitimacy of the Federal Reserve and the U.S. system of currency. The statement said he founded the National Organization for the Repeal of the Federal Reserve and Internal Revenue Code in 1998, and remained its president and executive director until 2008. According to the indictment, the organization had tiers of executives and employees who marketed and distributed the currency. He also promoted the currency at conferences. He faces a sentence up to 25 years in prison and must forfeit 16,000 pounds of the minted money. Source: http://westlawnews.thomson.com/National_Litigation/News/2011/03_-_March/Federal_Reserve_opponent_convicted_for_circulating_fake_money/

17. March 21, New York Post – (New York) Credit-card scammer targeting Apple products is busted at JFK car-rental agency. A Brooklyn, New York credit-card fraudster with a taste for Apple tech products managed to skirt U.S. Secret Service agents for over a year before being nabbed at John F. Kennedy International Airport (JFK) in Queens, New York March 20, authorities said. The man had been running a ring that used stolen credit-card numbers to buy hundreds of thousands of dollars in Apple goodies, according to the Manhattan District Attorney’s Office. He once had been part of a similar million-dollar scheme helmed by a Rikers Island inmate — but decided to strike out on his own when he realized the potential profits, authorities said. The Secret Service had been looking for him for at least 18 months. But he kept giving agents the slip by changing cars at the National Rental Car office at JFK, law-enforcement sources said. He’d used as many as a dozen cars in recent weeks — aided by a National “executive card” that allowed him to slip in and out of the lot without having to talk to workers, sources said. Finally, an agent showed the office manager a photo of the man and said, “If you see this guy, let us know,” a source said. The man showed up March 20 to return a silver 2011 Jeep — and Port Authority cops pounced. The suspect allegedly tried to escape but ended up driving over spikes in the asphalt designed to prevent thefts at the lot. He faces raps ranging from grand larceny to reckless endangerment. Source: http://www.nypost.com/p/news/local/queens/jfk_bust_for_credit_con_man_EqLoKn7N0dx7H2SJgYm7VN

18. March 18, WAGA 5 Atlanta – (Georgia) Oconee Co. debit card fraud investigated. Dozens of Oconee County, Georgia residents are facing bank account problems after suffering debit card fraud. The unauthorized charges stem from dining out at a restaurant. Investigators are warning people to keep a close watch on their accounts since dozens of residents have noticed hundreds of dollars drained from them. Investigators said only the card numbers are being used. The debit cards affected were swiped between March 5 and March 11. Investigators said more than 50 victims have come forward. They say the one thing each victim has in common is they used their cards at a local restaurant. Investigators said several restaurants in Athens use the same debit card payment processor. They believe a scammer hacked into a database and stole hundreds of numbers at once. In the days after their meals, investigators said victims noticed out of state transactions on their bank statements. Police said the restaurants didn’t have any knowledge of the thefts, and some have already changed their debit card processor after learning the company was likely hacked. Source: http://www.myfoxatlanta.com/dpp/news/oconee-co.-debit-card-fraud-investigated-031811

19. March 17, Newport Beach Daily Pilot – (California) Father-son duo suspected of mail fraud. Postal inspectors are looking for a father and son who used businesses they ran in Costa Mesa, California to allegedly bilk hundreds of investors out of more than $20 million. The men were indicted March 17 on 14 counts of mail fraud charges, the U.S. Postal Service Inspection Service said in a news release. The whereabouts of the men are unknown and postal officials in Los Angeles asked for the public’s help in tracking them down. The indictment alleges the men defrauded more than 300 investors. The news release said they operated the scheme under various names of Costa Mesa-based businesses: Brookstone Capital, Brookstone Biotech Ventures II (BBV II) and Lincoln Funds International. The businesses claimed to be selling investment services. “Sale agents for the companies solicited investors with various claims and promises, including that the elder of the men had significant business experience and that investors’ money would be used to purchase stocks,” the release said. “According to the indictment, the men failed to tell potential investors that the older man had a criminal history and had been sued by California regulators. Additionally, the men allegedly failed to file taxes for the businesses and misappropriated investors’ funds.” Postal inspectors, the FBI, and the Securities and Exchange Commission participated in the investigation. Source: http://www.dailypilot.com/news/education/tn-dpt-0318-carvers-20110317,0,6481114.story

For another story, see item 54 below

Information Technology

50. March 21, The Register – (International) Tumblr blames human error for ‘minor’ security breach. Blogging platform Tumblr has downplayed the significance of a security breach the weekend of March 19 and 20. Tumblr admitted human error led to the exposure of “sensitive server configuration information”, but not the rumored disclosure of users’ log-in details. Tumblr, which fixed the problem a few hours after its discovery, is reviewing its procedures to make sure similar mishaps are avoided in future. “We’re triple checking everything and bringing in outside auditors to confirm, but we have no reason to believe that anything was compromised,” a status update on an official Tumblr page explained. “We’re certain that none of your personal information (passwords, etc.) was exposed, and your blog is backed up and safe as always.” Tumblr is a microblogging platform designed to make it easy for users to post images, videos, and general musing on life onto a short-form blog. The service has 15 million users. Source: http://www.theregister.co.uk/2011/03/21/tumblr_security_snafu/

51. March 21, Reuters – (International) Sony, Nissan restart some factories; power cuts linger. Sony Corp said it would partially restart a lithium ion battery factory in Japan’s Tochigi prefecture March 22, leaving six plants, which make a range of devices from integrated circuit cards to Blu-ray discs, still closed. The consumer electronics giant is one of dozens of Japanese companies to shut factories and slash output following the March 11 earthquake and tsunami which have disrupted supplies. Nissan Motor Co. restarted limited operations at five plants in Japan March 21, with vehicle production expected to start later in the week. Nissan said in a statement it would resume production of repair parts and parts for overseas manufacturing at several plants. Vehicle production is planned to start March 24 and will continue while supplies last, it said. Restoration of its Iwaki engine plant is expected to take longer than the other plants, it added. Toshiba said March 21 output was still halted at a factory in Iwate prefecture making system LSI chips for microprocessors and image sensors. It has begun work to bring the factory back online, but has no timeframe to resume output. Toshiba said an assembly line at a plant in Japan making small liquid crystal displays for smartphones and other devices will be closed for a month to repair damaged machinery. Sony is not sure when its plants will resume operations. Some of the plants’ output is supplied to other manufacturers, including customers overseas. Renesas, the world’s number five chipmaker, has halted operations at eight of its facilities and is also unsure when production will resume. The company said it was unlikely to start some of its plants until the threat of power cuts, expected to last until the end of April, diminished. Source: http://www.reuters.com/article/2011/03/21/japan-sony-idUSL3E7EL0IX20110321?pageNumber=1

52. March 21, H Security – (International) Adobe releases Flash 10.2 for Android, patches vulnerabilities. Adobe has released version 10.2 of its Flash Player for Android. The latest update brings support for devices with multi-core processors, such as the dual-core Motorola Atrix, and includes several performance enhancements for viewing video and interactive content. Deeper integration with the Android browser rendering engine and support for hardware accelerated video rendering for H.264 have been added for devices running version 3.0 of Android “Honeycomb” – the developers note that the release is “initially a beta” for Android 3.0 and that the 3.0.1 system update is required. This Android version of Flash also addresses a number of security vulnerabilities which were fixed in version of its desktop counterpart in February. Source: http://www.h-online.com/security/news/item/Adobe-releases-Flash-10-2-for-Android-patches-vulnerabilities-1211560.html

53. March 21, IDG News Service – (International) Google says China blocking Gmail access. China is blocking Gmail in the country with methods that make it look as if the access problems lie with Google, the search engine company said March 21. In the last several weeks, Internet users in China reported greater difficulty with visiting the Gmail site, posting on microblogs the e-mail service is either slow or inaccessible. Google said the Chinese government is responsible for the access problems. “There is no technical issue on our side. We have checked extensively,” a Google spokesperson said. “This is a government blockage carefully designed to look like the problem is with Gmail.” The recent access problems have not qualified as significant interruptions, according to Google’s online traffic report. The blocking of Gmail coincides with China’s recent efforts to suppress any mention relating to the “Jasmine Revolution,” which began as an online call urging the Chinese people to protest the government. Source: http://www.computerworld.com/s/article/9214845/Google_says_China_blocking_Gmail_access

54. March 18, ABC News – (International) Department of Defense, major private contractor potentially vulnerable in cyber attack. RSA, a U.S. cyber security company charged with protecting computers for the U.S. government and thousands of private clients, has itself been the target of a hacking attack, potentially compromising the security of software used by the Department of Defense and major defense contractor Lockheed Martin. While the U.S. government has been aware of the attack and working with the company on plugging the security breach for more than a week, according to sources familiar with the investigation, it was only March 17 that the company alerted the public. RSA, the security division of EMC, claims over 25,000 clients and 40 million users of its security token technology worldwide. In addition to the U.S. government, according to its Web site, RSA SecurID customers include major American corporations, healthcare institutions and charities, as well as banks and institutions that cater to high net worth individuals, such as Rolls Royce and Bentley Motors. The state of Kansas is also listed as a SecurID customer. Other RSA clients include the FBI, Northrop Grumman, and the German government. Source: http://abcnews.go.com/Blotter/dod-private-contractors-potentially-vulnerable-rsa-cyber-attack/story?id=13162204&page=1

55. March 18, Computerworld – (International) Microsoft urges Office users to block Flash Player attacks. Microsoft March 17 urged users of older Office suites to install and run a complicated tool to protect themselves against ongoing attacks exploiting an unpatched bug in Adobe’s Flash Player. “For users of Office prior to 2010, the Enhanced Mitigation Experience Toolkit (EMET) can help,” said a manager and security engineer with the Microsoft Security Response Center. “Turning on EMET for the core Office applications will enable a number of security protections called ‘security mitigations’,” the pair wrote in a March 17 post to the company’s Security Research & Defense blog. EMET is a tool that manually enables ASLR (address space layout randomization) and DEP (data execution prevention) for specific applications. ASLR and DEP are two anti-exploit technologies included with Windows. Adobe confirmed March 15 that attackers were exploiting an unpatched bug in Flash Player by sending potential victims malicious Microsoft Excel documents. Source: http://www.computerworld.com/s/article/9214795/Microsoft_urges_Office_users_to_bock_Flash_Player_attacks

For another story, see item 56 below

Communications Sector

56. March 21, The Register – (International) How to slay a cellphone with a single text. Attacks that crash most older cellphones are frequently compounded by carrier networks that send text messages to the target handset over and over. In other cases, they are aided by a “watchdog” feature embedded in the phone, which takes it offline after receiving just three of the malformed messages. The so-called SMS of death attacks were unveiled late in 2010 at a hacker conference in Germany. They use special binary characters and overflowed headers to temporarily crash most older models made by manufacturers including Nokia, Samsung, Sony Ericsson, LG, Motorola, and Micromax. Carrier networks often aggravate the attacks by bombarding the target with the same malicious message, making them an inexpensive way to take a phone completely offline. Feature phones may have lost much of their cachet to smartphones over the past few years, but they are still relied upon by almost 80 percent of the world’s mobile phone users, the researchers said. The attacks could be used in targeted attacks against social enemies and business rivals, but the researchers said there is also the potential for the vulnerabilities to be exploited in a more widespread fashion by using bulk SMS services, smartphone-based botnets, or SS7, a series of telephony signaling protocols the researchers said are becoming increasingly accessible to companies and individuals. Source: http://www.theregister.co.uk/2011/03/21/sms_of_death_explained/