Tuesday, February 5, 2013
Complete DHS Daily Report for February 5, 2013
Daily Report
Top Stories
• Bank of America experienced online banking
service interruptions lasting for roughly 10 hours February 1, citing an
internal systems issue as the cause of the service outage. – American Banker
See
item 2 below in the Banking and Finance Sector
• U.S. Department of Energy officials
confirmed that hackers breached 14 computer servers and 20 workstations at
their Washington D.C. headquarters nearly 2 weeks ago, compromising several
hundred individuals’ personal information. – Washington Free Beacon
20.
February 4, Washington Free Beacon –
(National) Energy Department networks hit by sophisticated cyber attack. U.S.
Department of Energy officials confirmed that hackers breached 14 computer
servers and 20 workstations at their Washington D.C. headquarters nearly 2
weeks ago, compromising several hundred individuals’ personal information.
Source: http://freebeacon.com/cyber-breach/
• Twitter reported February 1 that it had
uncovered account compromises that may have affected 250,000 users. – Wired.com
See
item 29 below in the Information Technology Sector
• The Super Bowl was halted for 34 minutes
because of a power outage February 3. – Associated Press
32.
February 3, Associated Press –
(Louisiana) Super Bowl power outage: Lights go out at Superdome during
Ravens-49ers Super Bowl. The Super Bowl was halted for 34 minutes because
of a power outage February 3. The cause of the outage which affected only part
of the Superdome remains unknown. Source: http://www.huffingtonpost.com/2013/02/03/super-bowl-power-outage-superdome-ravens-49ers_n_2612757.html
Details
Banking and Finance Sector
2. February
4, American Banker – (National) Bank of America suffers website, mobile outages. Bank
of America experienced online banking service interruptions lasting for roughly
10 hours February 1, citing an internal systems issue as the cause of the
service outage. Customers were alerted that their information remained safe
despite a group claiming responsibility for the attacks. Source: http://www.americanbanker.com/issues/178_23/b-of-a-sustains-website-mobile-outages-1056420-1.html
3. February
4, Help Net Security – (Washington; International) Dutch hacker imprisoned for
trafficking 100,000 credit cards. A Dutch national was sentenced in the
U.S. for his part in a scheme where fraudulent credit cards were produced with
information obtained from hacking into Seattle-area companies’ systems and
point-of-sale devices. Source: http://www.net-security.org/secworld.php?id=14351
4. February
2, Softpedia – (International) $140 PiceBOT botnet targets Latin American
bank customers. Kaspersky researchers identified a new botnet being sold on
underground markets in the past month called PiceBOT that is targeting bank
customers in Latin America. Source: http://news.softpedia.com/news/140-PiceBOT-Botnet-Targets-Latin-American-Bank-Customers-326158.shtml
5. February
1, Associated Press – (California) Folsom man pleads guilty in $40M investment
scam. The president of Equity Investment Management and Trading Inc.
pleaded guilty in Sacramento to a scheme that defrauded more than 300 investors
of about $40 million. Source: http://www.sacbee.com/2013/02/01/5159158/folsom-man-pleads-guilty-in-40m.html
For
another story, see item 26 below in the Information
Technology Sector
Information Technology Sector
26. February
4, Help Net Security – (International) The rise of mobile advertising malware
toolkits. Researchers at FortiGuard Labs published a report showing
increased use of variants of the Android Plankton ad kit in both fraud and
hacktivist campaigns. Source: http://www.net-security.org/malware_news.php?id=2398
27. February
1, Reuters – (International) Estonian pleads guilty in U.S. court to
Internet advertising scam. An Estonian national pleaded guilty in U.S.
court for his involvement in a malware-based clickjacking scam that netted him
and his co-conspirators $14 million. Source: http://newsandinsight.thomsonreuters.com/New_York/News/2013/02_-_February/Estonian_pleads_guilty_in_U_S__court_to_Internet_advertising_scam/
28. February
1, Softpedia – (International) “Poetry Group” hackers use Citadel to target
government offices worldwide. McAfee published a report on the use of the
Citadel trojan by the “Poetry Group’ cybercriminal team to collect information
from various governments’ offices. Source: http://news.softpedia.com/news/Poetry-Group-Hackers-Use-Citadel-to-Target-Government-Offices-Worldwide-326065.shtml
29. February
1, Wired.com – (International) Twitter hacked: Company says 250K users may
have been affected. Twitter reported February 1 that it had uncovered
account compromises that may have affected 250,000 users. Twitter reset
passwords and revoked tokens for users believed to be affected. Source: http://www.wired.com/threatlevel/2013/02/twitter-hacked/
30. February
1, ComputerWorld – (International) Oracle releases Java patch update. Oracle
released an ahead-of-schedule patch for Java SE to close 50 vulnerabilities,
some of them critical. Source: http://www.computerworld.com/s/article/9236469/Oracle_releases_Java_patch_update
Communications Sector
31.
February 3, Duluth News Tribune –
(Minnesota) Power outage knocks several Duluth TV, radio stations off air. A
two-hour power outage in the vicinity of Duluth’s antenna farm left Minnesota
Power customers without several television channels and radio stations while
the company worked to restore service. Source: http://www.equities.com/news/headline-story?dt=2013-02-03&val=998793&cat=service
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.