Wednesday, May 4, 2011

Complete DHS Daily Report for May 4, 2011

Daily Report

Top Stories

• IDG News Service reports Sony took the Sony Online Entertainment network offline May 2 after it was revealed the breach of its computer networks the week of April 24 was worse than previously thought. The hack is believed to have affected 24.6 million accounts in addition to the 77 million already compromised. See item 40 below in the Information Technology Sector

• CNN reports the U.S. Army Corps of Engineers began blowing up a Mississippi River levee in Missouri overnight May 2, flooding about 200 square miles of farmland in an effort to bring down historic river levels and spare the city of Cairo, Illinois, and other communities. (See item 53)

53. May 3, CNN – (Missouri; Illinois) Army Corps starts to blow up levee to flood 130,000 acres in Missouri. The U.S. Army Corps of Engineers began blowing up a Mississippi River levee overnight May 2, flooding about 200 square miles of rich farmland in an effort to bring down historic river levels and spare the city of Cairo, Illinois, and other communities. The decision to breach the Birds Point-New Madrid levee appeared to be working, the commander of the Corps’ Memphis district said. The Ohio River at Cairo peaked at 61.72 feet just before the blast May 1 — the highest level on record, according to the National Weather Service. By 6 a.m. May 3, it had fallen to 60.62 feet, according to river gauge readings provided by the Corps. Even that still exceeds the previous record of 59.5 feet set in 1937, according to Weather Service records. The breach could cause river levels to fall by three to four feet over the next few days, according to the major general who is the commander of the Corps’ Mississippi River Valley Division. Without an intentional breach, authorities had warned of massive flooding that could wipe out the city of Cairo, which sits at the confluence of the Ohio and Mississippi rivers. Cairo’s mayor had already ordered the city’s 2,800 residents to evacuate. Missouri officials took the Corps to court over the plan, questioning the agency’s authority to intentionally breach the levee. The state argued the flood waters would deposit silt on the some 130,000 acres of farmland. The U.S. Supreme Court declined to intervene in the case May 30, clearing the way for the commander’s decision to blow the levee. Even as the river was falling, the Corps commander did not rule out similar moves elsewhere along the Mississippi and its tributaries, saying the levee system is already under unprecedented pressure and warning water levels could rise again. ―This doesn’t end this historic flood,‖ he said. Source:


Banking and Finance Sector

11. May 3, Reuters – (International) Deutsche Bank faces U.S. mortgage fraud lawsuit. The United States sued Deutsche Bank AG May 3, accusing the German bank and its MortgageIT Inc unit of repeatedly lying to be included in a federal program to select mortgages to be insured by the government. In a civil complaint filed in U.S. District Court in Manhattan, New York, the government said that defendants recklessly chose mortgages that violated program rules ―in blatant disregard‖ of whether borrowers could make mortgage payments. The lawsuit seeks triple damages and other penalties for violations of the federal False Claims Act. According to the complaint, MortgageIT from 1999 to 2009 endorsed in excess of 39,000 mortgages with principal totaling more than $5 billion for Federal Housing Administration insurance, meaning they were backed by the federal government. The government said the defendants profited from the resale of the mortgages, even as thousands of U.S. homeowners faced default and eviction. It said it has paid out more than $386 million of FHA insurance claims and related costs, and expects to pay out hundreds of millions of dollars more. ―Deutsche Bank and MortgageIT had powerful financial incentives to invest resources into generating as many FHA-insured mortgages as quickly as possible for resale to investors,‖ the complaint said. ―By contrast, Deutsche Bank and MortgageIT had few financial incentives to invest resources into ensuring the quality of its FHA-insured mortgages.‖ Source:

12. May 2, – (International) POS skimming scam stopped. Waterloo, Canada, Regional Police have arrested two Toronto men for the role they played in a card-skimming scam that bypasses the Europay, MasterCard, Visa chip-based security standard. The scheme involves swapping legitimate PIN pads or card readers at merchant locations with bogus readers that have been manipulated to collect card numbers. When debit or credit cards are inserted or swiped, their card numbers are collected and stored on the reader. In some cases, numbers are actually transmitted wirelessly, to criminals who are waiting nearby. The scheme is effective at compromising magnetic-stripe and EMV-compliant chip cards, said a financial-security consultant. ―They get around EMV by disabling the part of the POS device that reads the chip,‖ he says. ―So, then the customer is forced to swipe the mag-stripe to make the transaction.‖ It’s not until after the customer swipes the card that the clerk realizes the reader is inoperable. But by then, however, it is too late; the fraudsters have the card details. In this case, Waterloo Regional Police stopped the attack before many cards were compromised. A customer at an unnamed retail location contacted police April 19 after seeing two men in the store handling the checkout counter’s card reader. The two men face charges of theft, mischief, attempting to defraud the public, possession of instruments used to forge credit cards, and conspiracy to commit fraud. Source:

13. May 2, Fort Myers New-Press – (Florida) Three plead guilty in Orion Bank fraud case. Three men pleaded guilty May 2 in federal court to their involvement in the fraud case against the Naples, Florida-based president of now defunct Orion Bank. All three had previously signed plea agreements but had to appear before judges to make sure they really intended to plead guilty to the charges. A 41-year-old Tamarac businessman admitted that in 2009 he pretended to buy stock and helped the failing bank hide bad loans — both to make Orion seem to federal and state regulators that it was in good shape. A 42-year-old bank vice president who worked in Orion’s Palm Beach Gardens

office acknowledged that he helped get two bank loans approved for a total of $80 million even though he knew the information provided to back them was false. The third man, another bank vice president, who worked in Naples, admitted to committing similar crimes as a bank officer: helping the bank to raise purchases of its stock and inserting false documents into loan files to fool regulators into thinking all was well. All three pleaded guilty to one count of conspiracy. The 41-year-old businessman faces up to 30 years in prison and a $1 million fine while the other two could get as much as five years and $250,000. They were charged separately from the bank president, who was indicted March 31 for 13 counts of conspiracy, misapplication of bank funds, making false entries, making false statements, mail fraud, wire fraud, and money laundering. Source:|topnews|text|Home

14. April 29, Reading Eagle – (Pennsylvania) Temple man arrested in bomb-threat bank heist. A Temple, Pennsylvania man was arrested April 28 on charges he robbed a Lehigh County bank 3 days earlier by sending what he reportedly said was a bomb to a teller through the pneumatic delivery tube at the drive-through window. State police at Fogelsville picked up the 43-year-old man about 6:25 p.m. Troopers got an arrest warrant for the suspect April 27 and released his name and picture to the media. According to police, the man drove a 1996 pickup truck up to the drive-through window at the TD Bank branch on Hamilton Boulevard in Lower Macungie Township shortly after 7 p.m. April 25. After showing a teller what he said was a bomb, he placed the object in the delivery tube and sent it into the bank. He demanded money from the tellers and told them the device would explode if they did not comply. The tellers used the delivery tube to send the purported bomb back to the suspect along with an undisclosed amount of money. He took the money and fled. Source:

For another story, see item 40 below in the Information Technology Sector

Information Technology

39. May 3, Softpedia – (International) Facebook scammers use Osama bin Laden’s death as lure. Facebook scammers are trying to capitalize on the news of the death of al-Qaeda’s leader by using the event as lure to trick users into spreading spam and participating in rogue surveys. Cyber criminals wasted no time in trying to exploit it for their own benefit. On Facebook, there were several ongoing malicious campaigns using the leader’s death as lure. One of them spreads through internal chat messages and advertises a video of the killing. It leads users to a Facebook-hosted page that asks them to copy and paste some JavaScript code into their browser’s address bar. The rogue code misuses the user’s active session to grab their friends list and send them spam messages via Facebook chat. A second, more sophisticated, death scam is using clickjacking and rogue wall messages to spread. Users are directed to a page asking them to solve a captcha-like test consisting of a simple math operation. Trying to input the answer will result in the click being hijacked and used to post a spam message on people’s walls without their authorization. Source:

40. May 2, IDG News Service – (International) Sony cuts off Sony Online Entertainment service after hack. The widely publicized hack of Sony’s computer networks is worse than previously thought, also affecting 24.6 million Sony Online Entertainment network accounts. Sony — which has kept its Sony PlayStation Network offline for nearly 2 weeks as it investigates a computer intrusion — took a second gaming network offline May 2, saying it too appears to have been hacked. It said banking and credit card information belonging to more than 23,000 customers outside the United States may have been compromised. The Sony Online Entertainment network, used for massively multiplayer online games, has been suspended temporarily, Sony said May 1. Add this to the 77 million accounts that may have been compromised the week of April 24, and Sony is responsible for one of the largest recorded data breaches. The entertainment network is separate from the PlayStation Network, but both hacks have similar traits, a spokeswoman for Sony Computer Entertainment said. In both cases, the stolen data includes customer names, e-mail addresses, and hashed versions of their account passwords. That data could be used to spam customers or trick them with phishing e-mails. Source:

41. May 2, threatpost – (International) Report: Vishing attack targets Skype users. Skype users are being targeted in an ongoing voice-phishing, or ―vishing,‖ attack, according to a report by ZDNet’s Zero Day blog. Skype users reported receiving a pre-recorded call informing them that their computer had been infected with malware. In order to remove this malware users are advised to visit a site which pushes rogue AV and malware cleanup services, according to the report. So-called ―vishing‖ attacks are akin to phishing attacks and use voice messages — rather than e-mail messages or Web links — to lure unsuspecting users to malicious Web sites. Skype users report receiving calls from unknown numbers. Pre-recorded messages tell those who answer the call that they are infected with a ―fatal virus‖ and direct them to a Web address to get disinfected. Source:

42. May 2, Network World – (International) VMware causes second outage while recovering from first. VMware’s attempt to recover from an outage in its new cloud computing service inadvertently caused a second outage the next day, the company said. VMware’s new Cloud Foundry service — which is still in beta — suffered downtime over the course of 2 days the week of April 24. Cloud Foundry, a platform-as-a-service offering for developers to build and host Web applications, was announced April 12 and suffered ―service interruptions‖ April 25 and 26. The first downtime incident was caused by a power outage in the supply for a storage cabinet. Applications remained online, but developers were unable to perform basic tasks, like logging in or creating new applications. The outage lasted nearly 10 hours and was fixed by the afternoon. But the next day, VMware officials accidentally caused a second outage while developing an early detection plan to prevent the kind of problem that hit the service the previous day. Source:

43. May 2, Darkreading – (International) ERP apps often left exposed. Among Oracle’s latest round of patches in April were eight flaws in its JD Edwards enterprise resource planning (ERP) applications — underscoring how ERP apps are often forgotten when it comes to security, overshadowed by database flaws and other worries. The JD Edwardapplication flaws might represent only a small fraction of the 78 total bugs fixed in theupdate, but they demonstrate a growing concern among security experts of an emerginprime attack vector. Most enterprises do not consider their ERP apps as a big target forattackers, and assume segregation of duties is enough security for them. ERP systems, which are tied in with a database platform and often contain multiple interfaces to otheapps, run sensitive business processes, such as financial, sales, production, expenditures, billing, and payroll, so any such targeted attacks would be damaging financially and production-wise, experts say. Source:

Communications Sector

44. May 2, Akron Beacon-Journal – (Ohio) WEAO (Channel 49) resumes over-the-air signal. WEAO (Channel 49) resumed broadcasts after more than two weeks off the air in Ohio. The public-broadcasting station, part of Western Reserve PBS, went off the air April 14 because of problems with an 800-foot line running from its Copley transmitter to its antenna tower. Rain and heavy winds delayed repairs. Viewers who received the station via Time Warner Cable, AT&T Uverse, Massillon Cable, and DirecTV have been able to get broadcasts after those services picked up the signal from its companion station, WNEO (Channel 45). But people getting the WEAO signal over the air or from other service providers have been out of luck — unless they got Channel 45 over the air. A station representative said viewers getting the over-the-air signal might have to rescan their receivers to pick up WEAO again. Source:

Tuesday, May 3, 2011

Complete DHS Daily Report for May 3, 2011

Daily Report

Top Stories

• According to the Hackensack Record, authorities arrested two men who tried to sell more than $1 trillion in counterfeit U.S. Treasury notes to undercover sheriff’s officers in New Jersey. See item 12 below in the Banking and Finance Sector

• Bloomberg reports the United States and Australia boosted security at their embassies around the world and Interpol told its 188 member countries to be on “full alert” for attacks to avenge the killing of an al-Qaeda leader. (See item 31)

31. May 2, Bloomberg – (International) U.S. raises embassy security as world on alert for bin Laden retaliation. The United States and Australia boosted security at their embassies around the world and Interpol told its 188 member countries to be on “full alert” for attacks to avenge the killing of an al-Qaeda leader. Patrol cars, paramilitary forces, and commandos wearing bulletproof vests searched motorists and pedestrians outside the U.S. consulate in Karachi, Pakistan. “The death of [the al-Qaeda leader] does not represent the demise of al-Qaeda affiliates and those inspired by al-Qaeda, who have and will continue to engage in terrorist attacks around the world,” the secretary general of Lyon, France-based Interpol said in an e-mailed statement. The U.S. President May 1 said the man died in a firefight with U.S. forces in Abbottabad, Pakistan. His death removes the leader of a group that targeted citizens of the United States and its allies in hotels, offices, and embassies around the world. The al-Qaeda leader was wanted by U.S. authorities before the September 11, 2001, attacks on the World Trade Center in New York and the Pentagon outside Washington D.C. that killed almost 3,000 people. He was accused in connection with bombings of American embassies in Tanzania and Kenya on August 7, 1998, which killed 224 people, and linked to the October 2000 bombing of the USS Cole in Aden, Yemen, which killed 17 U.S. sailors. “The Department of State has requested all U.S. embassies to go to a heightened level of alert in the wake of the news,” a spokesman with the U.S. Embassy in Helsinki said. The State Department has also issued a worldwide travel alert to U.S. citizens. Source:


Banking and Finance Sector

11. April 29, Associated Press – (Michigan; National) Detroit-area man accused of $200M Ponzi scheme pleads guilty, says he defrauded investors. A Detroit, Michigan-area man accused of a $200 million investment scam pleaded guilty April 29, admitting he lied to people for a decade when he promised he was putting their cash into telecommunication deals with hotels across the country. The 74-year-old man appeared in federal court in Detroit a few weeks before trial and pleaded guilty to all 59 counts of fraud in the indictment. He said most money was recycled to earlier investors, a classic Ponzi scheme, but a “substantial amount” was spent on gambling. Starting in 1997, he created false documents to show he had contracts with hotels in California, Nevada, New Jersey, New York, and elsewhere. He said he promised people that in just 20 months, they would earn enough interest to cover their initial investment. Investors’ losses topped $35 million by 2007 when the U.S. Securities and Exchange Commission filed a civil lawsuit. Under sentencing guidelines, the man likely faces 15 years to 20 years in prison. The man told the judge he did not act alone. No one else has been charged, although the SEC has a lawsuit pending against another man, alleging he solicited 30 percent of the money given to the man in charge of the scheme and received $3.8 million in compensation. That man has denied wrongdoing. Source:

12. April 29, Hackensack Record – (New Jersey; National) Authorities seize $1.2 billion in counterfeit documents, arrest 2. Two men who tried to sell more than $1 trillion in counterfeit U.S. Treasury notes to undercover sheriff’s officers were arrested, authorities said April 29. The arrests were the culmination of a sting operation at a Bergen County, New Jersey hotel April 28 that authorities said involved numerous officers, including one who posed as a bartender to gain the suspects’ trust. Around $1.2 billion in fake U.S. Treasury notes was found in the suspects’ possession at the time of their arrest, the Bergen County sheriff said, though the two claimed they could produce hundreds of billions of dollars more in similar counterfeit notes. Both men were charged with money laundering and financial facilitation in the first degree, theft by deception, conspiracy, and forgery. After investigators initiated contact, the suspects told them they were willing to sell more than a trillion dollars in U.S. Treasury notes at a fraction of their value, the sheriff said. After some negotiation, both sides agreed to meet April 28 to complete the deal. By the time the suspects arrived, more than a dozen undercover officers were posing as security guards, limo drivers, and prospective buyers. Source:

13. April 29, Associated Press – (Missouri) 2 investment handlers plead guilty to wire fraud. Two St. Louis, Missouri-area financial investment handlers face sentencing July 22 after pleading guilty to federal wire fraud charges April 29. Federal prosecutors said the two men pleaded guilty April 29, admitting they embezzled about $1.5 million from a retired couple. One of the men was an independent representative of Woodbury Financial Services. the other man operated Coral Mortgage Bankers Corp. offices in University City and Chesterfield, Missouri. The representative of Woodbury Financial Services also pleaded guilty to mail fraud for stealing an additional $3.5 million from about two dozen brokerage clients and beneficiaries of a trust fund, many of them elderly people. He said in his plea he used the money for, among other things, jewelry, and trips to adult entertainment clubs in East St. Louis, Illinois. Source:

14. April 29, KXTV 10 Sacremento – (California) Ripon bank robbed, bomb threat reported. A man who allegedly robbed a bank in Ripon, California, and claimed to have a bomb managed to get away with an undisclosed amount of cash April 29. The incident prompted law enforcement officials to evacuate the area and shut down a section of the downtown business district. A Ripon Police spokesman said around 10 a.m., a man walked into the Bank of the West carrying a black bag in which he claimed to have a bomb. He demanded money from a teller after showing a note referring to the “bomb.” The teller said the man was holding a remote control device during the robbery. Once the man had the cash, he fled on foot, leaving the bag on a counter inside. The spokesman said police arrived within minutes but were unable to find the man. The bank, nearby businesses, and homes were evacuated as a San Joaquin Bomb Squad worked to secure whatever was inside the black bag. The bag contained a cement block, not an explosive device. The man was described as a 40-year-old White or Hispanic adult, between 5 feet, 5 inches and 5 feet, 9 inches tall, with a mustache. He was wearing a tan jacket, blue jeans, white shoes, and a white baseball cap with a dark stocking cap underneath. Source:

15. April 28, Federal Bureau of Investigation – (Arizona; National) New York man garners 20-Year sentence for ‘cashless ATM’ Ponzi scheme. A U.S. district court judge in Phoenix, Arizona, sentenced a New York City, New York man April 28 to 20 years in prison for his role in an $8 million Ponzi scheme that sold fictitious “cashless ATM machines” to victims throughout the United States. The 50-year-old pleaded guilty March 2, 2010, to one count of conspiracy to commit mail fraud and wire fraud, one count of wire fraud, and one count of mail fraud. The judge also ordered the man to pay $6,187,735 in restitution. From about March 2003, until about January 2005, the man and other co-defendants deceived about 300 investors into believing they were investing their money in a business opportunity pertaining to “cashless ATM machines.” The perpetrators established two Arizona corporations, Mac Investments, Inc. and MAC Investment Sales, Inc. of the same mailing address in Tempe to accomplish their goals. Source:

For another story, see item 43 below in the Information Technology Sector

Information Technology

41. May 2, IDG News Service – (International) Osama bin Laden’s death is key topic on Internet. The announcement May 1 of the death of al-Qaeda’s leader has set the Internet abuzz, as users searched for information and shared their thoughts on the killing of one of the world’s most wanted men. The events will provide an opportunity for malicious Web sites to infect computers by tricking users into visiting their sites for more information, warned security experts. Cybercrooks can trick the search-ranking algorithms of popular search engines by feeding them fake pages to make their sites seem legitimate, increasing the chances Internet users searching for news land on a site dispensing malware, warned head of technology at IT security firm Sophos. An expert at IT security company Kaspersky Lab already had examples of malware-laced pages cropping up in response to a Google image search for “[al-Qaeda’s leader] body.” Users clicking on some of the images in the results are redirected to one of two malicious domains offering a copy of the rogueware known as “Best Antivirus 2011”, he said. Source:

42. May 2, Next Web – (International) Bogus MacDefender malware campaign targets Mac users using Google Images. Apple computer owners are being subjected to a number of specialized malware attacks that insists Mac users download a malware version of the popular MacDefender antivirus application, infecting their computers as a result. News of the malware campaign surfaced as scores of Mac computer owners flooded the Apple Discussion Forums, asking members for advice on how to delete the MacDefender application from their systems. Early reports show users have been targeted as they search Google Images, one user stating the bogus MacDefender application was automatically downloaded as he browsed images of Piranhas. Further searching through the Apple Discussion boards suggests the malware campaign is targeting users of Apple’s Safari browser, displaying warnings the user’s computer has been infected with viruses that only the unofficial MacDefender application can remove. Safari users can set their browser to automatically open software they trust, it is thought that many have been infected without their knowledge by this route of attack. Upon downloading, the application asks users to pay for protection, possibly giving attackers credit card details as a result. To reassure users of the official MacDefender software, its creator has taken to the official Web site to warn users of the malware campaign. It is not thought the malware application is able to infect Mac computers with a virus, instead it is posing as scareware, which preys on disrupting the confidence of Mac users but also getting them to hand over their credit card details. Source:

43. May 1, The Register – (International) Sony: ‘PSN attacker exploited known vulnerability’. Sony is getting ready to return to service some PlayStation Network offerings, amid ongoing analysis to try and identify the source of the April attack on its San Diego data center hosted in an AT&T network facility, The Register reported May 1. While maintaining it has not yet seen any evidence redit card data was compromised in the attack, Sony has said that where customers are charged a fee for reissuing credit cards, it will take responsibility for those charges. The company claimed in the press conference that credit card data was encrypted. Sony’s executive deputy president said while 78 million accounts were compromised, the number of affected individuals is lower than that, since some people operate multiple PlayStation Network accounts. Of these, he said, Sony only held credit card information for around 10 million customers. Sony’s CIO said the attack was based on a “known vulnerability” in the non-specified Web application server platform used in the PSN. However, he declined to stipulate what platform(s) were used or what vulnerability was exploited, on the basis that disclosure might expose other users to attack. He conceded Sony management had not been aware of the vulnerability that was exploited, and said it is in response to this the company has established a new executive-level security position, that of chief information security officer, “to improve and enhance such aspects.” Sony also said it has asked the FBI to investigate the attack. Source:

44. April 29, Computerworld – (International) Yahoo says 1M users affected by email outage. A day after Yahoo’s e-mail service suffered a partial outage, the company reported that about 1 million users were affected. The problem began at 7:30 a.m. Pacific time April 28, and was at its worst at 11 a.m., according to the senior product manager for Yahoo Mail. At the problem’s peak, about 1 million users were without e-mail service, she added. It is unclear when Yahoo got e-mail back up for all of its users. Yahoo also did not specify what caused the problem. Source:

45. April 29, IDG News Service – (International) Microsoft admits to more Windows Phone update problems. Another problem has cropped up preventing some Windows Phone 7 users from getting two software updates, adding another issue on a list of continuing problems that started in February. Microsoft acknowledged that some Samsung Focus owners in the United States have not yet received notification that the updates are available for them. On a Microsoft forum, some Focus users who have not received the updates noticed they have a more recent build version of the phone. While people with version REV 1.3 have gotten the updates, some of those with REV 1.4 have not. In addition, a Microsoft employee said Microsoft has stopped sending updates to the Omnia 7, a phone available in Europe. “The team discovered a technical issue with the update package for this model. The work of fixing and testing the package is nearly done, and the team hopes to resume update deliveries soon,” he wrote. These are the latest issues to plague Microsoft as it tries to send out new software to Windows Phone 7 handsets. Microsoft started in February by pushing out software designed to make the update process smoother. It pulled that update shortly after because it made some Samsung phones unusable. Source:

Communications Sector

46. May 2, WLWT 5 Cincinnati – (Ohio) Man killed trying to climb TV tower. Police said they have discovered a man’s remains at WLWT’s transmitter in Clifton Heights, Ohio, WLWT reported May 2. Officers said witnesses discovered a severed hand near the corner of Rohs and Warner streets May 1. The hand was the first of several disturbing discoveries. “The more we looked into it, we discovered a torso up by the radio tower,” said a sergeant with the Cincinnati Police Homicide Unit. Police said they linked the severed hand to a break-in at WLWT’s transmitter. They said it appeared the man was attempting to climb the tower when he died. Investigators said they did not know whether the man was electrocuted or fell. Source:

47. April 29, Computerworld – (International) Amazon cloud outage was triggered by configuration error. Amazon has released a detailed analysis and apology about the partial outage of its cloud services platform the week of April 25 and identified the culprit: A configuration error made during a network upgrade. During this configuration change, a traffic shift “was executed incorrectly,” Amazon said, noting traffic that should have gone to a primary network was routed to a lower capacity one instead. The error occurred at 12:47 p.m. April 21 and led to a partial outage that lingered through the week of April 25. The outage sent a number of prominent Web sites offline, including Quora, Foursquare, and Reddit, and renewed an industry-wide debate over the maturity of cloud services. Amazon posted updates throughout the outage, but what it offered in its postmortem is entirely different. The nearly 5,700-word document includes a detailed look at what happened, an apology, a credit to affected customers, as well as a commitment to improve its customer communications. Amazon did not say explicitly whether it was human error that touched off the event, but hints at that possibility when it wrote that “we will audit our change process and increase the automation to prevent this mistake from happening in the future.” The initial mistake, followed by the subsequent increase in network load, exposed a cascading series of issues, including a “re-mirroring storm” with systems continuously searching for a storage space. Source:

For another story, see item 45 above in the Information Technology Sector