Monday, August 22, 2011

Complete DHS Daily Report for August 22, 2011

Daily Report

Top Stories

• Two violent storms forced the temporary closure of Eppley Airfield in Omaha, Nebraska, August 18, after high winds and baseball-sized hail damaged several commercial airliners, and a portion of a concourse. – CNN (See item 13)

13. August 19, CNN – (Nebraska) Powerful storms damage planes, portion of concourse in Nebraska. Two violent storms forced the temporary closure of Eppley Airfield in Omaha, Nebraska, after high winds and baseball-sized hail damaged planes and a portion of a concourse, the airport director said. He said the airfield was closed for several hours August 18, with at least one reported injury: a pilot who was taken to a local hospital after being struck by hail. Seven aircraft were damaged. The planes belonged to American, United, Delta, Southwest, U.S. Airways, and Frontier Airlines. Strong winds blew a jetway into one of the aircraft. Eppley Airfield’s south concourse sustained water damage at two gates, which have been closed, he said. A Southwest Airlines spokeswoman said two of the airline’s planes were on the ground — one of them Flight 751 to Chicago, which was being boarded — when the first storm hit. The decision was made to deplane the 137 passengers from the Boeing 737, and a male pilot was struck by hail while standing in the jetway. The spokeswoman said he was conscious when he was transported to the hospital. Southwest cancelled the flight. The spokeswoman said 13 flights were affected: eight arrivals, and five departures. The first storms pushed through Omaha at about 5:30 p.m. The airport was subsequently shut down so officials could evaluate damage. After about an hour-and-a-half, the airport was reopened, but was closed again minutes later when a second storm came through, packing strong winds and heavy rains. The airport director said winds of about 100 miles-per-hour were reported, and visibility was between 5 and 10 feet. About 2,700 passengers were affected by the storms. Source:

• Nearly two dozen people, including hospital employees and patients, were arrested for running a prescription drug operation out of the Veterans Affairs Medical Center in Riviera Beach, Florida. – WPTV 5 West Palm Beach (See item 29)

29. August 19, WPTV 5 West Palm Beach – (Florida) VA Medical Center in Riviera Beach investigated for illicit drugs and narcotics. Nearly two dozen people were accused of running a prescription drug operation out of the Veterans Affairs (VA) Medical Center in Riviera Beach, Florida. The Palm Beach County Sheriff’s Office, state attorney’s office, U.S. Department of Veteran’s Affairs, and the Office of Inspector General-Criminal Investigations Division raided the VA August 18, a result of a 7-month undercover investigation called “Operation Tango Vax.” Investigators said they went undercover several months ago and posed as hospital workers. Those undercover agents said they were able to buy prescription drugs, largely oxycodone, from hospital staffers as well as veterans who sold their own medication. Investigators said they seized about 6,000 oxycodone pills, 2 vehicles, and $200,000 in cash. The sheriff’s office said warrants were issued for the arrest of 21 people, including hospital patients and employees. A pharmacy technician, a respiratory therapist, and several nursing assistants were among the VA workers arrested. Source:


Banking and Finance Sector

10. August 18, CNN – (National) California attorney general sues lawyers in alleged mortgage scam. The California attorney general is suing “a ring” of lawyers for allegedly defrauding at least 2,500 homeowners out of millions, a scam that was supposed to provide relief on their troubled mortgages, she said August 18. The civil suit filed by the state’s top attorney names 3 law firms, 3 other lawyers, and 14 other defendants. They are accused of sending 2 million deceptive pieces of mail in California and at least 17 other states, and using misleading advertising and telemarketing practices to entice desperate homeowners to believe they could sue mortgage lenders and stop foreclosures, California’s attorney general said. She said the defendants sold homeowners on participating in mass joinder lawsuits against lenders, and promised the suits would reduce their loan balances or interest rates, obtain monetary damages, and even result in free and clear title to their homes. The state’s lawsuit seeks fines, penalties, damages, and restitution in the tens of millions of dollars, the attorney general said. The lawyers charged homeowners fees of up to $10,000 to make them plaintiffs in a mass joinder lawsuit, she said. Such a suit involves many plaintiffs in which each has their own set of facts to prove. She claims the “mass joinder scam” involved deceptive mass mailers appearing as official settlement notices or government documents and told homeowners they were potential plaintiffs in a “national litigation settlement”. No such settlements existed, the attorney general said. Source:

11. August 18, Cincinnati Enquirer – (National) Four indicted in $13M mortgage scam. Four Cincinnati residents were charged August 18 with running a $13 million mortgage fraud scheme that bilked investors and banks from Ohio to Georgia. Federal prosecutors said they used fake loan documents, false promises to investors, and inflated home values to collect millions of dollars in fees. All four defendants are linked to American Equity Group, their Cincinnati-based company, and are charged with wire fraud, mail fraud, and conspiracy. Authorities said the scheme, which operated from 2006 to 2007, is similar to others around the country that have targeted homeowners struggling with mortgages they cannot afford. Prosecutors said the suspects targeted at least 18 properties in Ohio, Michigan, Indiana, and Georgia — some valued at more than $1 million. The indictment said the defendants promised sellers they could continue to live in homes as renters and buy the property back after American Equity Group helped repair their credit. But prosecutors said the firm found investors who bought the houses at inflated prices with a promise that the original owner’s rent payments would cover the mortgage. Prosecutors said the defendants told investors the original owners would soon buy back the property, getting them off the hook for the mortgage. The suspects are accused of divvying up their share of the property sales, and then allowing the houses to fall into foreclosure. Source:|head

12. August 18, The Register – (International) Better ATM skimming through thermal imaging. Security researchers found thermal cameras can be combined with computer algorithms to automate the process of stealing payment card data processed by automatic teller machines. At the Usenix Security Symposium the week of August 8, the researchers said the technique has advantages over more common ATM skimming methods that use traditional cameras to capture PINs people enter during transactions. The reason is customers often obscure a traditional camera’s view with their bodies, inadvertently or on purpose. Also, it can take a long time for crooks to view captured footage and log the code entered during each session. Thermal imaging can vastly improve the process by recovering the code for some time after each PIN is entered. The output can also be processed by an algorithm that automates the process of translating it into the secret code. The findings expand on 2005 research from a member of Google’s security team. The Usenix presenters tested the technique laid out by the researcher on 21 subjects who used 27 randomly selected PINs, and found the rate of success varied depending on variables such as the types of keypads and a person’s body temperature. Source:

Information Technology Sector

39. August 19, Softpedia – (International) Koobface spreads via torrents. Security researchers identified a new version of the Koobface worm, which uses the global torrent network instead of social networking Web sites to spread. Dating back to July 2008, Koobface is one of the oldest and most successful computer worms that is still active. Its original variants targeted MySpace and Facebook, but it later expanded to other social networking sites. Koobface has seen many improvements and is a fairly sophisticated piece of malware most likely maintained by more than one developer. Despite its success, the worm suddenly stopped spreading on Facebook in February, a decision that baffled security researchers. In April, security experts from FireEye reported Koobface was still serving as a distribution platform for other malware, and that its command and control servers were still operational. A new sample found recently by security researchers from Trend Micro seems to indicate the worm’s creators developed a new propagation routine. The new version bundles version 2.2.1 of the uTorrent client which runs hidden in the background to seed trojanized torrents. These torrents pose as cracked versions of popular applications or games. The new version also uses encryption to evade antivirus detection. The rogue torrents promoted via public trackers and discoverable through the global torrent network contain multiple components that decrypt each other. Source:

40. August 18, IDG News Service – (International) AES proved vulnerable by Microsoft researchers. Researchers from Microsoft and the Dutch Katholieke Universiteit Leuven discovered a way to break the widely used Advanced Encryption Standard (AES), the encryption algorithm used to secure almost all online transactions and wireless communications. Their attack can recover an AES secret key from three to five times faster than previously thought possible, reported the Katholieke Universiteit Leuven, a research university based in Belgium. The researchers cautioned the attack is complex in nature, and so cannot be easily carried out using existing technologies. In practice, the methodology used by the researchers would take billions of years of computer time to break the AES algorithm, they noted. But the work, the result of a long-term cryptanalysis project, could be the first chink in the armor of the AES standard, previously considered unbreakable. When an encryption standard is evaluated for vital jobs such as securing financial transactions, security experts judge the algorithm’s ability to withstand even the most extreme attacks. Today’s seemingly secure encryption method could be more easily broken by tomorrow’s faster computers, or by new techniques in number crunching. Source:

41. August 18, Threatpost – (International) GingerMaster malware seen using root exploit for Android Gingerbread. The evolution of mobile malware seems to be accelerating, especially as it applies to Android malware. The newest example of this rapid change is the appearance of GingerMaster, a variant of the DroidKungFu malware that now sports a root exploit for Android 2.3 and gives the attacker complete control of the infected device. The new piece of malware, discovered by researchers at North Carolina State University, uses a jailbreak exploit for Android 2.3, also known as Gingerbread, which is packaged in an infected app as a seemingly legitimate file. Once that exploit runs, it gives the malware root privileges on the phone and also begins collecting data about the device for transmission to a remote server. Source:

For another story see item 42 below in the Communications Sector

Communications Sector

42. August 18, Baltimore Sun – (Maryland) Verizon blames vandalism for outage. As many as 300 Verizon customers in West Baltimore, Maryland lost service August 18 after cables were cut, the company said. The outage to telephone and DSL service affected state government offices, small businesses, and residents, the Verizon spokeswoman said. Service was expected to be restored by midday August 19, she said. Source:,0,718659.story

43. August 18, WLBT 3 Jackson – (Mississippi) Storm rips down communication tower at reservoir. Thunderstorms caused a lot of damage to the communications tower on Spillway Road overlooking the Barnett Reservoir in Jackson, Mississippi. Straightline winds that were clocked at 78 miles per hour blew the tower’s antenna down. Then a nearby power pole came down and two passing cars got snagged in the lines. The Reservoir Patrol will be operating on generator power indefinitely. Source: