Monday, July 1, 2013
• The U.S. Justice Department announced that China-based Sinovel Wind Group along with three individuals stole proprietary wind turbine technology from Massachusetts-based AMSC, cheating the company of more than $800 million. – Minneapolis Star Tribune
1. June 27, Minneapolis Star Tribune – (International) US indictment accuse Chinese company of stealing Mass. Software firms’ wind turbine technology. The U.S. Justice Department announced June 27 that China-based Sinovel Wind Group along with three individuals stole proprietary wind turbine technology from Massachusetts-based AMSC, cheating the company of more than $800 million, after the defendants stole software by downloading it from an AMSC computer in Wisconsin to a computer in Austria. The technology was believed to be used in the development of four Sinovel wind turbines that were installed in Massachusetts. Source: http://www.startribune.com/local/213408261.html
• Approximately 30 freight train cars derailed in Montgomery County, New York and closed a 12 mile stretch of Route 5 for over 22 hours. – Associated Press
11. June 27, Associated Press – (New York) Freight cars derail near Albany; accident closes, disrupt Amtrak. Approximately 30 freight train cars derailed in Montgomery County, New York June 27 and closed a 12 mile stretch of Route 5 for over 22 hours. Source: http://www.syracuse.com/news/index.ssf/2013/06/freight_cars_derail_in_upstate.html
• Over 9,600 Web sites that illegally sell potentially dangerous, unapproved prescription medicine were issued regulatory warnings or seized. – Dark Reading
19. June 28, Dark Reading – (International) FDA shuts down 9,600 illegal pharma websites. Over 9,600 Web sites that illegally sell potentially dangerous, unapproved prescription medicine were issued regulatory warnings or seized as the U.S. Food and Drug Administration and international regulators confiscated $41,104,386 worth of illegal medicines worldwide. The Web sites displayed fake licenses and certifications to convince consumers to purchase drugs as brand name and federally approved. Source: http://www.darkreading.com/attacks-breaches/fda-shuts-down-9600-illegal-pharma-websi/240157521
• A team of hackers posted a botnet creation kit that was used to take an estimated $250 million from banks online for anyone to download. – Krebs on Security See item 26 below in the Information Technology Sector
Banking and Finance Sector
3. June 28, ABA Journal – (Oregon) Prominent law grad takes plea in $13M securities fraud; civil case against him and lawyer ongoing. A prominent Oregon law school graduate pleaded guilty in a criminal securities fraud case involving a scheme in which he raised $13.2 million of investor money by falsely claiming he had access to scarce shares of social media stock in companies. Source: http://www.abajournal.com/news/article/prominent_law_grad_takes_plea_in_13m_securities_fraud_civil_case/
4. June 26, Financial Times – (New York) Artis ex-analyst on insider trading charge. A former Artis Capital analyst and a former Foundry chief information officer were arrested June 25 in California and will face charges of securities fraud and conspiracy for an alleged $27 million trading scheme. Source: http://www.ft.com/intl/cms/s/0/3a4b746a-9653-11e2-9ab2-00144feabdc0.html#axzz2XWuBgcvH
Information Technology Sector
25. June 28, Softpedia – (International) Ruby updated to address hostname check bypass flaw in SSL client. Ruby released several patches addressing a hostname check bypassing security hole in the SSL client that was discovered by an iSEC Partners researcher allowing cybercriminals to potentially launch man-in-the-middle attacks to spoof SSL servers. Source: http://news.softpedia.com/news/Ruby-Updated-to-Address-Hostname-Check-Bypass-Flaw-in-SSL-Client-364057.shtml
26. June 27, Krebs on Security – (International) Carberp code leak stokes copycat fears. The botnet creation kit, Carberp, coded by a team of hackers that used it to take an estimated $250 million from banks was posted online on multiple forums for anyone to download. Experts worry that its publication will create new hybrid strains of sophisticated banking malware. Source: http://krebsonsecurity.com/2013/06/carberp-code-leak-stokes-copycat-fears/
27. June 27, IDG News Service – (International) Cisco fixes serious vulnerabilities in email, Web and content security appliances. Cisco Systems released email, Web, and content security appliances patches addressing vulnerabilities in prior releases that could allow attackers to execute commands on the underlying operating system or disrupt critical processes. Source: http://www.networkworld.com/news/2013/062713-cisco-fixes-serious-vulnerabilities-in-271352.html
28. June 27, Associated Press – (New York) 2 lightning strikes on TV transmitter knock NY PBS station off air; tower, transformers hit. A television station called Mountain Lakes PBS in Plattsburgh, New York reported its signal was knocked off the air by lightning strikes on consecutive days at a mountaintop transmitter location. Repair crews have been unable to reach the transformers due to recent heavy rain making trails inaccessible. Source: http://www.dailyjournal.net/view/story/a5544f254cb7464db8de86ecd446ff11/NY--Broadcaster-Lightning-Strikes/
29. June 27, KVTQ 2 Billings – (Montana) Absarokee Verizon Wireless customers experience outage, company says service will resume later this week. Verizon Wireless customers in Absarokee lost Internet and phone services June 24, but were told their services should resume June 29, after a temporary antenna is set up. Absarokee as well as other area customers lost service after an agreement to use AT&T owned antennas ended. Source: http://www.ktvq.com/news/absarokee-verizon-wireless-customers-experience-outage-company-says-service-will-resume-later-this-week/
30. June 25, KELO 11 Sioux Falls – (South Dakota) Weather radio outage. The Brown County Emergency Manager reported a communications cable near the Aberdeen Office of the National Weather Service was cut June 25, affecting alerts for Aberdeen weather radio listeners and could not report the time for repairs to be completed. Television, radio or public safety communications were not affected. Source: http://www.keloland.com/newsdetail.cfm/weather-radio-outage/?id=149853
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to email@example.com or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to firstname.lastname@example.org.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at email@example.com or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at firstname.lastname@example.org or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.