Thursday, September 29, 2011

Complete DHS Daily Report for September 29, 2011

Daily Report

Top Stories

• Federal authorities arrested a Michigan man who bought and hid more than 4,000 pounds of explosives with enough firepower to equal the Oklahoma City bombing, and made anti-government remarks. – Associated Press (See item 11)

11. September 27, Associated Press – (Michigan; National) Man charged after 4,000 pounds of explosives found. Federal authorities said a Michigan man bought and hid more than 4,000 pounds of explosives with enough firepower to equal the Oklahoma City bombing and told an undercover informant that "when the government takes over, we will be mercenaries." The 64-year-old was arrested the week of September 19 on a charge of possessing explosives while facing other charges, and ordered held following a September 26 court hearing. His attorney said the builder and farmer from Sault Ste. Marie obtained the materials years ago for construction projects. Prosecutors and agents with the Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF) did not accuse the suspect of plotting to detonate the mixture of ammonium nitrate and fuel oil. An assistant U.S. attorney told the Associated Press he had "no idea" what the suspect planned to do with the materials. The federal charges were filed a month after the suspect was booked on many counts in Chippewa County, including larceny by false pretense, assaulting and resisting officers, falsely reporting a felony, and being a habitual offender. In an affidavit, an ATF agent said an informant told the Chippewa County Sheriff's Department the suspect sought help moving the explosive mixture from Sault Ste. Marie and hiding it in Dafter, a village a few miles away. The informant wore a recording device while performing the task September 20. The affidavit said a sheriff's detective listened to the recording and heard the "mercenaries" remark. The ATF agent said he obtained a search warrant the same day and found 83 bags of the mixture, each weighing about 50 pounds. The combined weight was about 4,150 pounds. The next day, he found explosive boosters, detonating cord, and blasting caps at the home of the suspect's mother. Another box of blasting caps was recovered in Sault Ste. Marie. The affidavit said many bags bore labels from companies in Iowa and Ohio. Federal law bars a person charged with a crime punishable by more than 1 year in prison from possessing an explosive shipped across state lines. The Mining Journal reported the ATF agent testified the suspect flew from Toronto to Cuba twice in 2008. A U.S. magistrate judge approved the government's request to keep the suspect in jail, describing the Cuba trips as "troubling." Source: http://www.kimatv.com/news/national/130668768.html

• A month-old outbreak of listeriosis in 18 states has resulted in at least 13 deaths and 72 illnesses, making it one of the deadliest food-borne outbreaks in the United States. – Food Safety News (See item 29)

29. September 28, Food Safety News – (Colorado; National) Listeria cantaloupe outbreak one of deadliest. A month-old outbreak of listeriosis in 18 states is officially the most deadly outbreak of food-borne illness since poison peanut butter killed nine people with Salmonella Typhimurium in late 2008 and early 2009. The U.S. Centers for Disease Control and Prevention (CDC) in Atlanta late September 27 reported the Listeria outbreak caused by contaminated whole cantaloupes has resulted in at least 13 deaths among 72 illnesses. In terms of fatalities, this food-borne illness outbreak is one of the worst in the United States. Cantaloupes have been responsible for at least 36 food-borne illness outbreaks since 1990, although this is the first one involving Listeria. In its update on the current outbreak investigation, the CDC said four people have died in New Mexico, two in Colorado, two in Texas and one each in Kansas, Maryland, Missouri, Nebraska, and Oklahoma after eating tainted cantaloupe. Local media reports have attributed a second death in Kansas and another in Wyoming to the Listeria outbreak, but those were not included in CDC figures through 11 a.m. September 26. The CDC report translates into a fatality rate of 18 percent. Based on past Listeria outbreaks, it will likely go higher. Fifteen illnesses have been reported in Colorado, 14 in Texas, 10 in New Mexico, eight in Oklahoma, six in Nebraska, five in Kansas and two each in Wisconsin and Indiana, with single cases in California, Florida, Illinois, Maryland, Missouri, Montana, North Dakota, Virginia, West Virginia and Wyoming, according to the CDC. Source: http://www.foodsafetynews.com/2011/09/cantaloupes-kill-more-than-peanut-butter/

Details

Banking and Finance Sector

16. September 28, U.S. Department of Treasury – (International) Treasury sanctions Lashkar-e Tayyiba leaders and founders. The U.S. Department of the Treasury September 28 announced the designation of two Lashkar-e Tayyiba (LET) leaders and founding members, pursuant to Executive Order (E.O.) 13224. "[The designees] are two of LET's most significant leaders," said the Under Secretary for Terrorism and Financial Intelligence. "Over the past 20 years, [they] have been responsible for fundraising, recruitment, and indoctrination of operatives. By targeting the core of LET’s leadership, [this] action aims to degrade its ability to facilitate its terrorist activities.“ LET is a Pakistan-based terrorist group with links to the al-Qa’ida network that is responsible for the November 2008 Mumbai, India attacks, and July 2006 Mumbai train bombings. LET was designated by the United States pursuant to E.O. 13224 and named a Foreign Terrorist Organization in December 2001, and was added to the UN 1267/1989 list in May 2005. Jamaat-ud-Dawa (JUD) was designated as an alias of LET under E.O. 13224 in April 2006, and was added to the UN 1267/1989 list as an alias of LET in December 2008. As a result of the September 28 action, U.S. persons are generally prohibited from engaging in transactions with the men, and any assets they may have in the United States are frozen. Source: http://www.treasury.gov/press-center/press-releases/Pages/tg1313.aspx

17. September 28, Associated Press – (International) Dutch say raids conducted in 7 countries in alleged $200 million investment fraud; 4 arrests. Dutch authorities September 28 said raids have been conducted in 7 countries in connection with an alleged $200 million investment fraud scheme, and 4 men have been arrested. The country’s financial crime prosecutors said they suspect hundreds of investors were conned into fraudulent investments in U.S. life insurance policies by a firm called Quality Investments BV. Prosecutors said September 28 four Dutch men have been arrested, two in the Netherlands, and one each in Switzerland and Turkey. Raids were also conducted in Spain, Dubai, England, and the United States, in which millions of euros in assets were seized in hopes of recovering some money for duped investors. Source: http://www.washingtonpost.com/business/dutch-say-raids-conducted-in-7-countries-in-alleged-200-million-investment-fraud-4-arrests/2011/09/28/gIQAzKb73K_story.html

18. September 28, Financial Crimes Enforcement Network – (National) Second quarter mortgage loan fraud suspicious activity persists. The Financial Crimes Enforcement Network (FinCEN) September 28 reported in its Second Quarter 2011 Analysis of mortgage loan fraud suspicious activity reports (MLF SARs) that financial institutions filed 29,558 MLF SARs in the second quarter of 2011 up from 15,727 MLF SARs reported in the same quarter of 2010. A large majority of the MLF SARs examined in the second quarter involved mortgages closed during the height of the real estate bubble. The upward spike in second quarter MLF SAR numbers is directly attributable to mortgage repurchase demands and special filings generated by many institutions. For instance, FinCEN noted 81 percent of the MLF SARs filed during the quarter involved suspicious activities that occurred before 2008; 63 percent involved suspicious activities that occurred 4 or more years ago. Source: http://www.fincen.gov/news_room/nr/html/20110927.html

19. September 28, Infoworld – (National) Businesses are failing to maintain data security. The Payment Card Industry's Data Security Standard (PCI DSS) has matured in the 6 years since it was enacted, but businesses are failing to maintain their compliance with the security standard, according to a report released by Verizon Business September 28. In the report, Verizon Business analyzed more than 100 PCI compliance cases conducted in the last year. Its basic finding: The vast majority of firms are unable to remain compliant with the 12 requirements of the standard over the course of a year. Only 21 percent of firms stayed compliant with the Data Security Standards between their last successful assessment and their checkup a year later, the report found. The director of global PCI services for Verizon Business said, "We see many organizations do successful implementations, but we see a backslide as the year progresses, and then they end out of compliance for the rest of the year." Firms had problems with protecting card holder data, tracking and monitoring access to sensitive data, and regularly testing system security and processes, the report states. Source: https://www.infoworld.com/t/data-loss-prevention/businesses-are-failing-maintain-data-security-174219?source=rss_infoworld_top_stories_

20. September 27, Federal Bureau of Investigation – (New Jersey; Florida) Largest recruiter of investors to $930 million ponzi scheme admits lying to the IRS about millions in related income. The man who brought more individuals than anyone else to invest in a $930 million Ponzi scheme admitted September 27 to failing to report millions of the more than $12 million in related commissions he received to the Internal Revenue Service (IRS), a U.S. attorney for the District of New Jersey announced. The 63-year-old Naples, Florida man pleaded guilty to an information charging him with one count of subscribing to a false tax return. During the proceeding, he admitted he recruited more than 60 individuals to invest in Capitol Investments USA Inc., which a 42-year-old of Miami Beach, Florida man has admitted was a fraud. The 63-year-old was an investor in Capitol, which the 42-year-old used to solicit about $930 million between January 2005 and November 2009 from individuals who believed they were investing in the man's grocery distribution business. The 63-year-old personally invested more than $100 million. In return for bringing new investors to Capitol, he was paid commissions equal to as much as the interest payments for those investors. He received more than $12 million for bringing more than 60 investors to Capitol — more money than any other individual received and for more investors than any other individual recruited. Individuals recruited by the defendant invested more than $307 million with Capitol, eventually losing more than $38 million. In pleading guilty to subscribing to a false tax return that failed to report $1.7 million income for 2005, he admitted he also failed to report Capitol-related income for 2004 through 2007. According to the information, he failed to report more than $6.4 million in income during that time. The charge to which he pleaded guilty carries a maximum potential penalty of 3 years in prison, and fine of $250,000 or twice the gain or loss from the offense. Source: http://7thspace.com/headlines/395319/largest_recruiter_of_investors_to_930_million_ponzi_scheme_admits_lying_to_the_irs_about_millions_in_related_income.html

21. September 27, United Press International – (Nevada) Morgan Stanely, Nevada, settle fraud case. U.S. banking giant Morgan Stanley and Nevada agreed September 27 to a $40 million settlement in a mortgage fraud case, the state's attorney general (AG) said. The AG said in a statement the settlement was reached with the bank to end an investigation involving 3,000 subprime mortgages the bank purchased and sold to investors. Morgan Stanley Capital Holdings also agreed to improve its practices and "refund and adjust interest rates for certain Nevada borrowers." In the settlement, the bank agreed to pay $7.2 million that will go toward combating foreclosures and preventing mortgage fraud in the state. The settlement, called an assurance of discontinuance, "will provide relief to between 600 and 700 customers, and will provide relief valued at between $21 million and $40 million," the AG said. The state said the New York bank deceived customers about interest rates, including the "payment shock" of rates that climbed "when an initial teaser rate expired." Some customers, the state said, qualified for loans only at the teaser rate, but not at the adjusted rate that would be in effect "for most of the loan's term." Source: http://www.upi.com/Business_News/2011/09/27/Morgan-Stanely-Nevada-settle-fraud-case/UPI-23221317156852/?spt=hs&or=bn

22. September 27, WJW 8 Cleveland – (Ohio) CEO pleads guilty to role in Croatian credit union collapse. The man that federal prosecutors said was responsible for issuing more than 1,000 fraudulent loans that ultimately led to one of the largest credit union failures in U.S. history pleaded guilty for his crimes September 27 in Ohio. The former chief operating officer (COO) of the St. Paul Croatian Federal Credit Union, pleaded guilty to 6 counts, including bank fraud, money laundering and bank bribery, for his role in the failure of the credit union, according to the U.S. Attorney for the Northern District of Ohio. The 52-year-old from Mentor, Ohio, issued more than 1,000 fraudulent loans totaling more than $70 million to more than 300 account holders at St. Paul from 2000 to April 2010, court documents said. Prosecutors claimed the man issued loans with no collateral and falsely represented them to the National Credit Union Administration (NCUA) as secured loans, when they were not. Prosecutors said for issuing the loans the man accepted more than $1 million worth of bribes, kickbacks, and gifts. He is one of 16 people who have been charged for their roles in the credit union collapse. At the time of the credit union being place into conservatorship, St. Paul served 5,400 members and was believed to have assets of about $238.8 million. Source: http://www.fox8.com/news/wjw-news-raguz-guilty-plea-credit-union-collapse,0,4539769.story

23. September 27, St. Paul Pioneer-Press – (Minnesota) Third defendant pleads guilty in $20 million mortgage fraud case. A man pleaded guilty September 27 to his role in a $20 million mortgage fraud, making the Chanhassen, Minnesota man the third to admit his involvement in the case. The 52-year-old was a straw buyer in a scheme that involved 57 Minnesota properties from 2004 to 2007. The scam's participants identified properties that could be purchased, recruited straw buyers and submitted false financial information to obtain mortgages, court papers said. Straw buyers were allegedly told they could use the kickbacks to put toward the mortgage or improve the property. The defendant received about $580,000 in concealed payments from the six residential properties he purchased, according to the charges. The loans on the 57 properties totaled more than $20 million, and lenders suffered "significant losses" when the homes later went through foreclosures and short sales, prosecutors said. The loss specific to the defendant's involvement was calculated by prosecutors at between $1 million and $2.5 million. He pleaded guilty September 27 to one count of conspiracy to commit wire fraud before a U.S. district judge. The crime carries a maximum penalty of 20 years in prison. Source: http://www.twincities.com/business/ci_18991261

For another story, see item 52 below in the Information Technology Sector

Information Technology Sector

50. September 28, The Register – (International) Java, Adobe vulns blamed for Windows malware mayhem. Failure to patch third-party applications has become the main reason Windows machines get infected with malware, according to a report released by CSIS September 27. Systems running vulnerable versions of Java JRE, Adobe Reader and Acrobat, and Adobe Flash were particularly at risk of attack. Up to 85 percent of all virus infections happen as the result of drive-by attacks served up via commercial exploit kits, with 31.3 percent of users that were exposed to the exploit kits being secretly fed malware. CSIS concluded that "99.8 percent of all virus/malware infections caused by commercial exploit kits are a direct result of the lack of updating five specific software packages." Source: http://www.theregister.co.uk/2011/09/28/window_malware_infection_exposed/

51. September 28, Help Net Security – (International) Microsoft takes down Kelihos botnet. After having disrupted the operation of the Waledac and Rustock botnets, Microsoft set its sights on a smaller one that is thought to be an attempt to rebuild the Waledac botnet, Help Net Security reported September 28. Microsoft used the same tactics it employed in the previous cases — it asked a U.S. court for permission to shut down the Internet domains/command-and-control servers for the botnet. But what makes this case unique is the fact that for the first time a defendant was named in the suit and was notified of the action. In the complaint, Microsoft alleged that 23 individuals own a cz.cc domain used to register other subdomains that were used to operate and control the Kelihos botnet. The Kelihos botnet is rather small. Nevertheless, it is capable of sending out nearly 4 billion spam e-mails per day from approximately 41,000 computers located worldwide. Source: http://www.net-security.org/secworld.php?id=11699&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+HelpNetSecurity+(Help+Net+Security)&utm_content=Google+Reader

52. September 28, Softpedia – (National) Cyber security evaluation tool released by DHS. The DHS launched a product called Cyber Security Evaluation Tool (CSET) in the effort of aiding organizations in properly securing digital property, Softpedia reported September 28. The tool allows users to know the weak links in their systems and what needs to be improved so cybercriminal activities can be prevented and combated. The CSET application compares the network infrastructure of the user with industry rules. It then lists recommendations that should help enhance the safeguarding of the enterprises cyber structure. According to the product's fact sheet, it incorporates many standards from different organizations such as National Institute of Standards and Technology, North American Electric Reliability Corporation, International Organization for Standardization, and U.S. Department of Defense. When the operator selects one or more of the standards, the CSET will require her to answer a few questions. Based on these answers, a full report will be generated to show what can be improved. Source: http://news.softpedia.com/news/Cyber-Security-Evaluation-Tool-Released-by-DHS-224153.shtml

For more stories, see item 19 in the Banking and Finance Sector

Communications Sector

53. September 28, Williamsburg Yorktown Daily – (Virginia) Storm takes stations off air; repairs expected soon. A lightning strike at a transmitter near Williamsburg, Virginia, September 28 took Davis Media's two radio stations, 92.3FM The Tide and 107.9 BACHfm, off the air, but both stations were available by streaming online. Public utility companies and the stations' engineer were working to repair the issue, and they said the stations were expected to be back on the air soon. Source: http://wydaily.com/local-news/7390-storm-takes-stations-off-air-repairs-expected-soon.html

54. September 27, Visalia Times-Delta and Tulare Advance-Register – (California) Lindsay residents lose phone service for 2 hours. People trying to call Lindsay, California telephone numbers the afternoon of September 27 were greeted with busy signals or a message saying the phone circuits were temporarily overloaded. Telephone service was knocked out in Lindsay, according to the Tulare County Fire Department. The outage occurred around 4:30 p.m. Officials said contractors working in Sanger accidentally severed a fiber-optic line, disrupting phone service in Exeter. Cell phone customers were also affected. Communications to Tulare County fire stations in Lindsay, Strathmore, and Alpaugh were affected as well. The Lindsay Department of Public Safety was still able to receive calls for service at its business line as well as through the 911 system, so residents in need of emergency help were not in jeopardy. At 6:48 p.m., Tulare County Fire officials announced that phone service had been restored to Lindsay, Strathmore, and Alpaugh Stations in addition to City of Lindsay Fire Station #87. Source: http://www.visaliatimesdelta.com/article/20110927/NEWS01/110927009/Phone-service-disrupted-Lindsay