Thursday, October 4, 2012
Daily Report
Top Stories
• Problems at California refineries have
slashed supplies, cutting fuel production and raising wholesale prices to
levels not seen since 2007. – San Jose Mercury News
3. October 3, San Jose Mercury News –
(California) Refinery problems send California gas prices skyrocketing. Problems
at California refineries have slashed supplies across the State, cutting fuel
production and raising wholesale prices — the price stations pay for their
gasoline — by as much as 73 cents, to levels not seen since 2007, the San Jose
Mercury-News reported October 3. "California gasoline prices may surge in the
next 5 days, perhaps to levels higher than February's $4.33-a-gallon average,"
said an analyst with Gasbuddy.com. "It is within the realm of possibility that
average prices reach near $4.40 or even higher if the situation worsens."
Bloomberg News reported that Exxon Mobil's 150,000-barrel-a-day Torrance
refinery lost power October 1 and may suffer production problems for another
week. Chevron's Kettleman-Los Medanos pipeline, which carries crude from Kern
County to Northern California refineries, was shut down October 1 after
elevated levels of organic chloride were detected in the oil. In addition,
Chevron's 240,000-barrel-a-day Richmond plant, the largest refinery in Northern
California, has been running at reduced capacity since a fire August 6.
Maintenance work at the Phillips 66 plants in Rodeo and Arroyo Grande was under
way, further curbing State supplies. Source: http://www.mercurynews.com/traffic/ci_21682632/refinery-problems-send-california-gas-prices-skyrocketing
• A Russian agent was arrested for using a
Texas-based front company to send sensitive U.S. technology to the Russian
military and intelligence agencies. – ABC News
10. October 3, ABC News – (International) Russian
agent sent advanced US military tech home: Feds. A Russian agent was
arrested for allegedly using a Texas-based front company to send sensitive
American technology to the Russian military and intelligence agencies, the
Department of Justice said October 3. According to federal officials, the man
was at the center of a Russian "military procurement ring" that for years
employed complex schemes to trick U.S. customs agents into believing his
company was shipping harmless goods — like traffic light parts — to Russia,
rather than advanced microelectronics that could be used in military
applications including radar and surveillance systems, weapons guidance
systems, or detonation triggers. The ring also allegedly provided microchips to
a specialized electronics laboratory run by the FSB, Russia's intelligence
agency and successor to the KGB. In addition to the agent, 10 other suspects
working in the United States and in Russia were indicted for their alleged role
in the scheme. The ploy was apparently so significant that U.S. officials said
in court documents the front company's fluctuating revenue bore a "striking
similarity" to fluctuations in Russian defense spending over the last several
years. Source: http://abcnews.go.com/Blotter/russian-agent-advanced-us-military-tech-home-feds/story?id=17385118#.UGxwP65T-Hs
• Four people have died and 22 more in 5 States
were made sick by meningitis linked to a rare fungal infection blamed on
contaminated steroids. – NBC News
30. October 3, NBC News – (National) Fungal
meningitis suspected in four deaths, 26 cases as outbreak grows. Four
people have died and 22 more were made sick by meningitis linked to a rare
fungal infection blamed on contaminated steroids, health officials said October
3. They are "almost certain" more will be identified before it is over. The 26
cases include 18 people in Tennessee, 1 in North Carolina, 2 in Florida, 3 in
Virginia, and 2 in Maryland, the U.S. Centers for Disease Control and
Prevention reported. Two of the deaths were in Tennessee, one in Virginia, and
one in Maryland. The chief suspect is contaminated vials of a pain treatment
injected directly into the spine. The drug, called methylprednisolone acetate,
was made by a compounding pharmacy — one that makes drugs to order. The
suspected batches were made without any preservatives. Several of the patients
are seriously ill, said the Tennessee Department of Health commissioner. Two
clinics have closed voluntarily and a third is no longer giving the injections.
Source: http://vitals.nbcnews.com/_news/2012/10/03/14203956-fungal-meningitis-suspected-in-four-deaths-26-cases-as-outbreak-grows?lite
• Trusteer researchers discovered a new
Man-in-the-Browser scam that does not target specific Web sites, but instead
collects data submitted to all sites without the need for post-processing. – Help
Net Security
See item 46 below in the Information Technology Sector
• Despite their efforts, federal officials
have been unable to stop Lake Okeechobee from rising, putting extra strain on
Herbert Hoover Dike, one of the country's most at risk of failure. – South
Florida Sun-Sentinel
65. October 2, South Florida Sun-Sentinel – (Florida) Water in Lake
Okeechobee still rising as dumping continues. Flushing billions of gallons
of water out to sea has not stopped Lake Okeechobee, and south Florida flood
concerns, from rising, the South Florida Sun-Sentinel reported October 2. Since
September 19, the U.S. Army Corps of Engineers has been draining water from
the lake to ease the strain on the Herbert Hoover Dike, considered one of the
country's most at risk of failure. Discharges to the east and west coast dumped
about 11 billion gallons of lake water out to sea as of September 29, according
to the Corps. It tries to keep the lake between 12.5 and 15.5 feet above sea
level. The lake was at 15.63 feet October 1. The Corps considers 17.25 feet to
be the maximum allowable threshold for the dike, with dike stability becoming
an even greater risk if the lake tops 18 feet. Five years of construction aimed
at strengthening the lake's ailing 143-mile dike has cost taxpayers more than
$360 million and the work remains far from finished. The dike rehab so far has
focused on building a reinforcing wall aimed at stopping erosion on a 21-mile
southeastern portion that is considered the most vulnerable to a breach.
Draining lake water helps protect the 70-year-old dike, but it also wastes lake
water relied on to back up south Florida water supplies during the typically
dry winter and spring. In addition, dumping billions of gallons of lake water
out to sea has damaging environmental consequences on coastal estuaries,
threatening fishing grounds and water quality in prime tourism territory.
Source: http://www.sun-sentinel.com/news/palm-beach/fl-lake-okeechobee-dumping-continues-20121001,0,6400558,full.story
Details
Banking and Finance Sector
12. October 3, NBC News; Reuters – (National) Corporate lawyer admits stealing $10 million from
clients. A Manhattan, New York corporate lawyer pleaded guilty October 2 to
stealing more than $10 million in clients' money. The plea ended a year-long
legal saga that began September 2011 when the lawyer flew to Hong Kong — a day
after the Manhattan district attorney's office notified his law firm, Crowell
& Moring, that he was the subject of a criminal probe. Prosecutors later
accused him of embezzling millions in escrow funds starting in 2009, when he
allegedly began siphoning money into bank accounts he controlled. Prosecutors
accused him of fleeing to avoid arrest. The man pleaded guilty to several
counts of grand larceny and scheme to defraud. Source: http://usnews.nbcnews.com/_news/2012/10/03/14196449-corporate-lawyer-douglas-arntsen-admits-stealing-10-million-from-clients?lite
13. October 2, City News Service – (California; National) Attorney, salesman charged with
defrauding thousands. An Oceanside, California attorney and a telemarketing
salesman were arraigned in federal court October 2 on a 50-count indictment
charging them with defrauding thousands of homeowners in an $11 million "loan
modification" fraud scheme. The attorney, salesman, and two other defendants
previously arraigned were accused of using the attorney's law firm, 1st
American Law Center (1ALC), to persuade victims to pay thousands of dollars
each by deceptively touting 1ALC's purported success and legal resources, and falsely
promising that 1ALC would successfully modify their residential mortgage loans.
The defendants and their co-conspirators allegedly used high-pressure sales
tactics and outright lies to prey on homeowners across the country who were
struggling to make their monthly mortgage payments and were at risk of losing
their homes to foreclosure. The four defendants were charged with conspiring to
commit mail fraud and wire fraud. The attorney was also charged with money
laundering. Source: http://camppendleton.patch.com/articles/attorney-salesman-charged-with-with-defrauding-thousands
14. October 2, Associated Press – (National) Fla. man gets prison for NY investment fraud. A
Florida mutual fund executive October 2 admitted to an $11 million fraud where
he lied and promised investors early shares in companies such as Facebook and
Groupon and spent their money instead on a lavish lifestyle. The man pleaded
guilty in court in New York City to defrauding investors by claiming falsely in
2010 and 2011 that he and his mutual funds owned shares in Facebook Inc. and
Groupon Inc., which were then privately traded. The judge accepted the man's
plea to charges of conspiracy, securities fraud, and wire fraud but said he
will wait to decide whether to accept his plea to a money laundering charge
because it was unclear that the man fully conceded his guilt. Source: http://online.wsj.com/article/AP093ee9b0ff0d4bb29643e714f1e1ed43.html
Information Technology Sector
45. October 3, The Register – (International) Zombie-animating malnets increase 300% in
just 6 months. Cyber criminals are bolstering the infrastructure behind the
delivery of botnets, a move that is leading toward more potent and numerous
threats, say researchers. Botnet infections are commonly spread through
compromised Web sites seeded with malicious scripts and promoted via black hat
SEO tactics such as link farms. These malware networks, or malnets, pose a
growing threat, according to a new study by Web security firm Blue Coat.
Malnets largely deal in mass-market malware, and, as such, are different from
advanced persistent threats (APTs) associated with cyber-espionage attacks
targeting large corporations and Western governments. Attacks will be updated
and changed, but the underlying infrastructure used to lure in users and
deliver these attacks is reused. The ease with which cyber criminals can launch
attacks using malnets creates a vicious cycle, a process by which individuals
are lured to malware, infected, and then used to infect others. Source: http://www.theregister.co.uk/2012/10/03/malnets/
46. October 3, Help Net Security – (International) Universal Man in the Browser attack targets
all Web sites. Trusteer researchers discovered a new Man-in-the-Browser
(MitB) scam that does not target specific Web sites, but instead collects data
submitted to all sites without the need for post-processing. This development,
which they are calling Universal Man-in-the-Browser (uMitB), is significant.
Traditional MitB attacks collect data (log-in credentials, credit card numbers,
etc.) entered by the victim in a specific Web site. And while MitB malware may
collect all data entered by the victim, it requires post-processing by the fraudster
to parse the logs and extract the valuable data. Parsers are easily available
for purchase in underground markets, while some criminals simply sell off the
logs in bulk. According to Trusteer's CTO: "In comparison, uMitB does not
target a specific web site. Instead, it collects data entered in the browser at
all websites and uses 'generic' real time logic on the form submissions to
perform the equivalent of post-processing. This attack can target victims of
new infections as well as machines that were previously infected by updating
the existing malware with a new configuration. The data stolen by uMitB malware
is stored in a portal where it is organized and sold." Source: http://www.net-security.org/malware_news.php?id=2283
47. October 3, CNET News – (International) Regulators shut down global PC 'tech support'
scam. Regulators from five countries joined together in an operation to
crack down on a series of companies they say orchestrated one of the most
widespread Internet scams of the decade. October 3, the U.S. Federal Trade
Commission (FTC) and other international regulatory authorities said they shut
down a global criminal network that allegedly bilked tens of thousands of
consumers by pretending to be tech support providers. The chairman of the FTC
said 14 companies and 17 individuals were targeted in the investigation. In the
course of the crackdown, U.S. authorities froze $188,000 in assets, but the
chairman said that would increase over time due to international efforts.
Source: http://news.cnet.com/8301-13578_3-57525250-38/regulators-shut-down-global-pc-tech-support-scam/
48. October 3, Homeland Security News Wire – (International) Self-contained,
Android-based network to study cyber disruptions, help secure hand-held
devices. Cyber researchers at Sandia National Laboratories linked together
300,000 virtual hand-held computing devices running the Android operating
system so they can study large networks of smartphones and find ways to make
them more reliable and secure. Android dominates the smartphone industry and
runs on a range of computing gadgets. The work is expected to result in a
software tool that will allow others in the cyber research community to model
similar environments and study the behaviors of smartphone networks. Ultimately,
the tool will enable the computing industry to better protect hand-held devices
from malicious intent. Source: http://www.homelandsecuritynewswire.com/dr20121003-selfcontained-androidbased-network-to-study-cyber-disruptions-help-secure-handheld-devices
49. October 3, The H – (International) NIST names Keccak hashing algorithm as SHA-3.
The United States National Institute of Standards and Technology (NIST)
announced the winner of its competition to select a cryptographic hash
algorithm to bear the name SHA-3. The 5-year competition attracted 64 entries
in total with the winner being the Keccak algorithm created by four
researchers. The competition was created in 2007 when NIST had reasons to
suspect that the current SHA-2 algorithm might be threatened. Source: http://www.h-online.com/security/news/item/NIST-names-Keccak-hashing-algorithm-as-SHA-3-1722490.html
50. October 3, The H – (International) HSTS becomes IETF proposed standard. The
HTTP Strict Transport Security protocol (HSTS) was approved as a proposed
standard by the Internet Engineering Task Force. HSTS is designed to allow Web
sites to ensure that only secure connections are being made to them by
informing browsers that they should use a secure connection. The mechanism
works by the server responding with a Strict-Transport-Security header that
signals to the browser that it should connect using HTTPS for a time, not only
for this connection, but potentially for subdomains as well. Once a browser
gets this header, it is under orders to only use secure connections to the
site. Source: http://www.h-online.com/security/news/item/HSTS-becomes-IETF-proposed-standard-1722502.html
51. October 2, Threatpost – (International) Microsoft
reaches settlement with site linked to Nitol botnet. Microsoft announced
October 2 that it reached a settlement with the operator of a Chinese Web site
whose domain and sub-domains hosted more than 500 kinds of malware, including
the Nitol botnet found on brand new computers. In a lawsuit filed 2 weeks ago by
the software company, Microsoft alleged the domain 3322.org hosted Nitol, which
was found being preloaded onto computers during an investigation into supply
chain security in August. Microsoft created a sinkhole to divert infected
computers and was able to block some 609 million connections from more than
7,650,000 unique IP addresses to those subdomains in just 16 days. As part of
the settlement reached in a U.S. District Court in northern Virginia, the
registered owner of 3322.org will work with Microsoft and China's Computer
Emergency Response Team to prevent the site from remaining a conduit for
malicious activity. Source: http://threatpost.com/en_us/blogs/microsoft-reaches-settlement-site-linked-nitol-botnet-100212
52. October 2, New York Times – (International) Google warns
of new state-sponsored cyberattack targets. Beginning October 2, tens of
thousands more Google users will begin to see a message at the top of their
Gmail inbox, Google home page, or Chrome browser that state-sponsored attackers
may be attempting to compromise their account or computer. The company said
that since it started alerting users to malicious — probably state-sponsored —
activity on their computers in June, it has picked up thousands more
instances of cyberattacks than it anticipated. A manager on Google's
information security team said that since Google started to alert users to
state-sponsored attacks 3 months ago, it gathered new intelligence about attack
methods and the groups deploying them. He said the company was using that
information to warn "tens of thousands of new users" that they may have been
targets. Source: http://bits.blogs.nytimes.com/2012/10/02/google-warns-new-state-sponsored-cyberattack-targets/
For another story, see item 10 above in Top Stories
Communications Sector
53. October 3, WSB 750 AM/95.5 FM Atlanta – (Georgia) Six arrested in
Douglas Co. copper theft bust. Douglas County, Georgia authorities have
arrested six people in a major copper theft bust, WSB 750 AM/95.5 FM Atlanta
reported October 3. The sheriff said they have been working the case for 3
months after receiving a tip that the thieves were stealing copper from
telephone wires. "They're six of them: four men, two women. They would go to
secluded areas in this county and other counties and use deer stands to climb
the telephone poles and cut the cable," he said. They would then melt it down
and sell it. However, due to Georgia's tough new recycling laws, they had to go
to North Carolina to make any money. The sheriff said the six also caused
thousands of dollars of damage to AT&T, and disrupted phone service in
Douglas County, Coweta County, and Carroll County over the last few months.
Source: http://www.wsbradio.com/news/news/six-arrested-douglas-co-copper-theft-bust/nSR8L/
For another story, see item 48 above in the Information Technology Sector
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit their Web page at www.us-cert.gov.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.