Thursday, September 20, 2012
Daily Report
Top Stories
• Entergy Corp said that damage from Hurricane
Isaac would cost its utilities in several States between $400 million and $500
million and would reduce power sales in the third quarter. – Reuters
4. September 18, Reuters – (National) Entergy
estimates Hurricane Isaac damage at $500 million. Entergy Corp said
September 18 that damage from Hurricane Isaac would cost its utilities between
$400 million and $500 million and would reduce power sales in the third
quarter. Entergy, which supplies electricity to 2.8 million customers in
Arkansas, Louisiana, Mississippi, and Texas, said Hurricane Isaac left more
than 787,000 customers without power and damaged its power delivery
infrastructure. Isaac, which struck the Louisiana coast with 80 mph winds
August 28, ranks as the fourth worst storm in Entergy’s history in terms of
power outages. Distribution systems of the utilities had extensive damage,
Entergy said. Preliminary estimates showed that Isaac had damaged or destroyed
4,500 poles and 2,000 transformers. The storm also knocked 95 transmission
lines out of service along with 144 substations. No damage has been identified
at Entergy’s fossil or nuclear power plants, but detailed assessments are
continuing, the company said. Entergy Louisiana’s repair cost from Isaac is
estimated at $240 million to $300 million, followed by Entergy Gulf States
Louisiana at $70 million to $90 million; Entergy New Orleans at $50 million to
$60 million; Entergy Mississippi at $30 million to $40 million, and Entergy
Arkansas at $10 million, according to a company statement. Source: http://www.reuters.com/article/2012/09/18/us-entergy-outlook-idUSBRE88H0NP20120918
• A Washington State banker who helped
generate nearly $1 billion in mortgage loans during the housing bubble pleaded
guilty to submitting false loan applications and to submitting false statements
to banks to obtain loans. – Tacoma News Tribune. See item 16 below in the Banking
and Finance Sector
• A structural failure at the busiest lock on
the Mississippi River in Illinois held up more than 280 barges, and will cost
the U.S. economy about $2.4 million each day until it is repaired. – KWMU
90.7 FM St. Louis
23. September
18, KWMU 90.7 FM St. Louis – (Illinois) Emergency repair at Lock 27
has barge traffic at a standstill. A structural failure at Lock 27, which
is located near Granite City, Illinois, caused major shipping problems
September 18 on the Mississippi River. There were more than 280 barges at a
standstill holding the equivalent of 16,000 semi-trucks worth of cargo. A
barrier called a protection cell that is used to keep barges from bumping into
the lock itself ruptured, spilling rocks into the waterway and blocking
shipping lanes. A U.S. Army Corps of Engineers spokesman said it could take 24
hours or more for the problem to be fixed. Lock 27 is the busiest on the
Mississippi River, and the spokesman said it costs the larger economy around
$2.4 million each day it is closed. A Coast Guard spokesman said a narrow
shipping lane brought on by the drought is an added concern. He said there was
no imminent threat to public safety, but said they are especially worried about
the cargo on some barges. Source: http://news.stlpublicradio.org/post/emergency-repair-lock-27-has-barge-traffic-standstill
• Fire damage will sideline a wastewater
treatment plant in La Paz County, Arizona, for 3 months with trucks taking
sewage elsewhere for treatment. – AZInews.com
31. September 19, AZInews.com – (Arizona) Sewage
plant to be offline for 3 months. The Buckskin Sanitary District in the
Parker Strip section of La Paz County, Arizona, must transport sewage for
treatment elsewhere because its wastewater treatment plant was heavily damaged
by fire, AZInews.com reported September 19. The September 13 fire destroyed the
plant inside, said the district manager. “It’s offline.” He said fire insurance
will cover repairs that will take 90-120 days to complete. Sewage flowing into
the plant was being pumped into 2 trucks making up to 20 trips a day to
transport the material about 5 miles for treatment at the Joint Venture
facility. Buckskin District customers were asked to conserve to minimize the
cost of the temporary pump and transport operation. A HAZMAT crew from the Lake
Havasu City Fire Department assisted the Buckskin Fire Department because of
the presence of containers of chlorine used in sewage treatment. “The HAZMAT
team members entered the building and determined the chlorine gas cylinders
were still leaking,” said a Lake Havasu City Fire Department news release. One
Lake Havasu City firefighter was injured when he was overcome by fumes and was
transported to a hospital where he stayed overnight for observation. Source: http://www.azinews.com/2012/09/19/sewage-plant-to-be-offline-for-3-months/
• Many U.S. schools are not prepared for
bioterrorism attacks, outbreaks of emerging infectious diseases or pandemics, a
study found. – Saint Louis University
36. September 17, Saint Louis University –
(National) Majority of US schools not ready for next pandemic, SLU
researchers say. Many U.S. schools are not prepared for bioterrorism
attacks, outbreaks of emerging infectious diseases or pandemics, despite the
recent 2009 H1N1 influenza pandemic that resulted in more than 18,000 deaths
worldwide, Saint Louis University researchers say. The study surveyed about
2,000 nurses working in elementary, middle, and high schools across 26 States.
The findings reveal that only 48 percent of schools address pandemic
preparedness and only 40 percent of schools have updated their plans since the
2009 H1N1 pandemic that spread illnesses in more than 214 countries. Published
in the American Journal of Infection Control, the study also found that 44
percent of schools do not participate in community surveillance that tracks the
presence of a disease based upon symptoms reported by area residents. These
efforts are coordinated through local public health departments that assess
indicators of biological threats. In order to have a regular and strong
pandemic preparedness program, the study’s lead researcher suggests that school
nurses should be involved in building and assessing the plan. Source: http://slu.edu/x67767.xml
Details
Banking and Finance Sector
13. September
19, U.S. Securities and Exchange Commission – (Georgia; National) SEC
charges Atlanta-based adviser with operating Ponzi-like scheme involving
private investment funds. The Securities and Exchange Commission (SEC)
September 19 announced charges against a private fund manager and his
Atlanta-based investment advisory firm for defrauding investors in a purported
“fund-of-funds” and then trying to hide trading losses by creating new private
funds to make money to pay back the original fund investors in Ponzi-like
fashion. The SEC is seeking an emergency court order to freeze the assets of
the manager and Summit Wealth Management Inc. and prevent further investor
losses, which are estimated to be $17 million among approximately 200 clients.
The manager told investors his fund was investing their money in other funds
and investment products with minimal exposure to risks, while he actually
invested the money in stocks. Those stocks led to losses that he tried to cover
up by creating new funds and transferring money from new to old funds to cover
up his losses. The hedge funds were Private Credit Opportunities Fund LLC and
Asset Diversification Fund LP. Source: http://www.sec.gov/news/press/2012/2012-192.htm
14. September
18, Help Net Security – (International) Bogus ‘Refund Pending’
emails targeting PayPal customers. Fake PayPal notifications about a bogus
refund are hitting inboxes around the world, trying to trick users into
following the offered link and supposedly log into their accounts to receive
it. The link will take users to a page that looks like PayPal’s log-in page,
but is actually a fake one mimicking PayPal’s, and all the information
submitted gets forwarded directly to the phishers behind the scheme. They will
then likely use it to hijack the victim’s PayPal and gain entrance to other
online accounts. Source: http://www.net-security.org/secworld.php?id=13615
15. September
18, WLNE 6 New Bedford – (Rhode Island; Massachusetts) ‘Bearded
Bandit’ hits Pawtucket Credit Union in East Providence. The Pawtucket
Credit Union in East Providence, Rhode Island, was robbed September 18, and
police said the robber matched the description of the “Bearded Bandit”. The
bandit is wanted for eight other robberies in Rhode Island and Massachusetts.
Police said the man told a teller that he had a weapon, but did not display it.
When the teller gave him money, the bandit left the bank on foot with an
indeterminate amount of cash. Source: http://www.abc6.com/story/19577616/bearded-bandit-hits-pawtucket-credit-union-in-east-providence
16. September
18, Tacoma News Tribune – (Washington; National) Ex-Pierce
Commercial Bank VP pleads guilty to loan-fraud charges. A Puyallup,
Washington banker whose prodigious generation of home loan applications made
him one of the nation’s top mortgage loan originators during the housing bubble
pleaded guilty September 18 to two federal charges of conspiracy to submit
false loan applications and submitting false statements to a financial
institution to obtain a loan. The ultimate failure of dozens of those loans led
to the demise of Tacoma’s Pierce Commercial Bank under a mountain of millions
of dollars in defaulted debt. The former senior vice president at Pierce
Commercial Bank admitted he had fabricated employment, financial, and housing
records to ensure loans would be funded. According to court documents, the man
and his associates, operating semi-autonomously from Pierce Commercial Bank as
PC Home Loans, generated nearly $1 billion in home loan applications for the
bank over several years. Two of his associates already pleaded guilty to lesser
charges, and the third was scheduled for a change-of-plea hearing. The four
were indicted in August 2011 after a lengthy investigation by the FBI, the
Internal Revenue Service, the Department of Housing and Urban Development, and
the U.S. Postal Service. Source: http://www.thenewstribune.com/2012/09/18/2301092/ex-pierce-commercial-bank-vp-pleads.html
17. September
18, U.S. Federal Bureau of Investigation – (California) Top
managers of ‘Direct Money Source’ arrested in major foreclosure prevention scheme
targeting homeowners in distress. The top two managers at a Westwood,
California-based mortgage brokerage were arrested on federal charges relating
to a foreclosure avoidance and equity-skimming scheme that targeted distressed
homeowners, said a statement from the FBI September 18. According to an
indictment, the scheme led several mortgage lenders to disburse more than $15
million in loan proceeds — with nearly half of that being lost to the fraud
conspiracy. Federal authorities arrested the principal owner and the
second-in-charge at Direct Money Source (DMS), a mortgage brokerage that
allegedly operated as an equity-skimming operation that took possession of
distressed homeowners’ equity under false pretenses and also defrauded mortgage
lenders. A third defendant who worked at DMS surrendered. The fourth defendant
named in the indictment is a fugitive being sought by authorities. A federal
grand jury indictment charged all four defendants with conspiracy, wire fraud,
loan fraud, and aggravated identity theft. The principal owner and
second-in-charge were additionally charged with money laundering. Source: http://www.loansafe.org/top-managers-of-direct-money-source-arrested-in-major-foreclosure-prevention-scheme-targeting-homeowners-in-distress
18. September
18, Bloomberg News – (International) SEC claims Australia man ran $53 million
forex investment fraud. U.S. regulators accused an Australia man of raising
at least $53 million from investors with false claims that he ran a group of
elite foreign-exchange traders who could generate 78 percent annual returns,
Bloomberg News reported September 18. The man and his Brisbane, Australia-based
firm, Investment Intelligence Corp., promised investors “unlimited” passive
income from his strategy of making only a few select trades each month with no
more than 3 percent of an investor’s capital at risk in any given trade, the
Securities and Exchange Commission (SEC) said in a lawsuit. The Commodity
Futures Trading Commission filed a parallel lawsuit. The man’s fraud came to
light in May, when investors discovered their accounts had lost 63 percent of
their value after about 200 trades had occurred in a 2-day period, the SEC
said. Following the losses, the man issued a white paper to investors,
encouraging them to add more capital to their accounts to “recoup the losses
faster,” according to the complaint. Source: http://www.bloomberg.com/news/2012-09-18/sec-claims-australia-man-ran-53-million-forex-investment-fraud.html
19. September
18, NBCConnecticut.com – (Connecticut; National; International) 7
held, 2 hunted in $165,000 lottery scam targeting elderly. Seven people
were arrested and warrants were issued for two others in a lottery scam based
in Fairfield County, Connecticut, that targeted elderly people across the
United States and caused losses in excess of $165,000, NBCConnecticut.com
reported September 18. Those involved were charged with money laundering,
racketeering, larceny, and conspiracy. Police in Stamford so far identified 31
victims from across the United States, mostly between 80 and 90 years old.
Police said the ring contacted victims by telephone or letter, telling them
that they had won a prize. Before collecting any supposed winnings, the victims
were told that they would have to pay taxes or fees and send money through
Western Union or U.S. Postal Service money orders. The money was then
transferred to Costa Rica. Source: http://usnews.nbcnews.com/_news/2012/09/18/13931551-7-held-2-hunted-in-165000-lottery-scam-targeting-elderly?lite
20. September
18, Reuters – (International) Bank of America website slows; Prophet film
threat made. Bank of America Corp’s online banking Web site suffered
intermittent problems September 18 amid threats on the Internet that a group
was planning to launch cyber attacks on the bank and other U.S. targets to
protest a film that stirred unrest in the Middle East. Someone claiming to
represent “cyber fighters of Izz ad-din Al qassam” said it would attack the
Bank of America and the New York Stock Exchange in a statement posted on
pastebin.com. Bank of America said its Web site was available but some
customers might experience occasional slowness. The New York Stock Exchange
declined to comment. Bank of America customers reached by Reuters in New York,
Georgia, Ohio, and Michigan said they could not access the Web site. Source: http://news.yahoo.com/customers-reporting-bofa-website-problems-183410329--sector.html
For another story, see item 44 below in the Communications Sector
Information Technology Sector
39. September
19, Softpedia – (International) Victims of phishing attacks unaware their
websites are compromised, APWG finds. A study by the Anti-Phishing Working
Group (APWG) reveals many Web site owners whose domains have been compromised
by phishers are unaware that they are victims of a cybercriminal operation. In
order to ensure their phishing campaigns do not get interrupted by security
solutions providers, cybercriminals often take over legitimate hosts on which
they plant their malicious Web pages. The results of the study show attackers
are still mostly targeting environments that rely on Linux, Apache, MySQL,
and PHP. The biggest concern is that in 80 percent of the cases, the site’s
owners are unaware they are part of a criminal operation until a third party
notifies them. In 40 percent of cases, phishing pages are removed from sites
within 24 hours after they were planted. Close to 60 percent of the respondents
claimed to have taken down the malicious Web sites within 2-3 days. Most
individuals who experienced such incidents do not know much about how they
became victims. Source: http://news.softpedia.com/news/Victims-of-Phishing-Attacks-Unaware-Their-Websites-Are-Compromised-APWG-Finds-293391.shtml
40. September
19, The Register – (International) New vicious UEFI bootkit vuln found for
Windows 8. Security researchers discovered security shortcomings in Windows
8 that create a means to infect the upcoming operating system with
rootkit-style malware. Italian security consultants ITSEC discovered the
security hole following an analysis of the Unified Extensible Firmware
Interface (UEFI), a successor to the legacy BIOS firmware interface, that
Microsoft began fully supporting with 64-bit versions of Windows 7. ITSEC
analyzed the UEFI platform now that Microsoft ported old BIOS and MBR’s boot
loader to the new UEFI technology in Windows 8. A senior security researcher at
ITSEC used the research to create what is seen as the first UEFI bootkit
targeting Windows 8. The proof-of-concept malware is able to defeat Windows 8’s
Kernel Patch Protection and Driver Signature Enforcement policy. The UEFI boot
loader developed by the researcher overwrites the legitimate Windows 8 UEFI
bootloader, bypassing security defenses in the process. Source: http://www.theregister.co.uk/2012/09/19/win8_rootkit/
41. September
18, Ars Technica – (International) Microsoft pledges temporary fix for critical
IE bug under attack. Microsoft plans to release a temporary fix for a
critical Internet Explorer (IE) vulnerability that attackers are exploiting to
install malicious software when unsuspecting end users visit booby-trapped Web
sites. Microsoft’s announcement September 18 that it will make a temporary
patch available, known as a Fixit, in the next few days came as a security
researcher spotted three more Web sites that exploited the vulnerability.
Source: http://arstechnica.com/security/2012/09/microsoft-pledges-fix-for-critical-internet-explorer-bug/
42. September 18, Threatpost – (International) Grum botnet
attempts another comeback, fails again. The Grum botnet, which Dutch
authorities and security researchers took offline earlier during the summer,
made a second, unsuccessful attempt at a comeback the weekend of September 15
when the bot herders stood up two new command-and-control (C&C) servers in
Turkey. The revival was short-lived, however, and both C&Cs were taken
offline. After spending months, or in some cases, years, building up their
networks of infected machines and carefully choosing C&C server locations,
bot herders are reluctant to let go of their creations even in the face of
serious attention from law enforcement. Source: http://threatpost.com/en_us/blogs/grum-botnet-attempts-another-comeback-fails-again-091812
For more stories, see items 14 and 20 above in the Banking and Finance Sector
and 44 and 45 below in the Communications Sector
Communications Sector
43. September
18, San Antonio Express-News – (Texas) KLRN is off the air
for some. An estimated 30 percent of local public television viewers in San
Antonio have not been able to watch KLRN 9 San Antonio for several days because
of a weather-related outage, San Antonio Express-News reported September 18.
Engineers have been working around the clock to restore the signal, which
originally was knocked out by storm damage to microwave equipment atop the
station’s broadcast tower. A temporary fix could be in place the week of
September 17, said the KLRN 9 San Antonio vice president of communications. She
does not expect a permanent solution until September 24 at the earliest because
the parts needed likely would not arrive until then. Source: http://www.mysanantonio.com/news/local_news/article/KLRN-is-off-the-air-for-some-3875745.php
44. September
18, SecurityNewsDaily – (National) Hacked touch tones crash
phone networks, steal data. According to one security researcher,
interactive voice response systems (IVRs) — the ones people use to check and
store voicemail and the ones people interact with when they call the bank — are
so insecure that they could be tricked into spitting out sensitive information
or taken down completely with just a single phone call. “No banks or organizations
are testing IVRs because they think the systems are secure, but in reality,
they are not. No firewall or CAPTCHAs monitor voice traffic,” said a spokesman
who works for security company iSight Partners. He explained that when a
system’s audio processing algorithms are fed strange DTMF (dual-tone
multi-frequency) signals, it can cause the entire system to behave strangely or
crash calls. Source: http://www.securitynewsdaily.com/2289-phone-hack-data-dump.html
45. September
18, Reuters – (National) T-Mobile USA, RIM resolve issue that hurt some
BlackBerry users. Research In Motion Ltd said September 18 a service
disruption that affected Internet browsing for some BlackBerry users on
T-Mobile USA’s network had been resolved. T-Mobile September 18 said some of
its BlackBerry smartphone users were unable to use the device for emails or
Internet browsing. The partial service disruption was limited to customers of
the BlackBerry 9900 and did not affect phone call services and text messaging, according
to T-Mobile USA, a unit of Deutsche Telekom. Source: http://www.chicagotribune.com/business/sns-rt-us-researchinmotion-tmobileusabre88h18x-20120918,0,4103378.story
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit their Web page at www.us-cert.gov.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.