Friday, April 12, 2013
Complete DHS Daily Report for April 12, 2013
• Several automakers recalled about 3.3 million vehicles fitted with defective airbags manufactured by Takata Corporation that may eject metal fragments upon deploying. – New York Times
4. April 11, New York Times – (International) Automakers recall 3.3 million vehicles over air bags. Several automakers recalled about 3.3 million vehicles fitted with defective airbags manufactured by Takata Corporation that may eject metal fragments upon deploying. In the U.S., the recall affects around 1.4 million Toyota, Honda, Nissan, Mazda, and Pontiac vehicles. Source: http://www.nytimes.com/2013/04/12/business/global/automakers-recall-3-4-million-vehicles-over-air-bags.html
• Five men were arrested for allegedly forming a sophisticated group that robbed Los Angeles-area banks by cutting through the banks’ roofs, stealing a total of $6 million. – Reuters See item 8 below in the Banking and Financial Services Sector
• At least 2 people were killed and approximately 35 others injured after a charter bus veered suddenly into the median on a highway in Irving, Texas, and rolled onto its side. – Associated Press
10. April 11, Associated Press – (Texas) At least 2 killed when bus overturns in Texas. At least 2 people were killed and approximately 35 others injured after a charter bus veered suddenly into the median on a highway in Irving and rolled onto its side. Traffic was backed up for several miles because of the accident. Source: http://news.yahoo.com/least-2-killed-bus-overturns-texas-155057296.html
• A security consultant demonstrated the ability to take complete control of commercial aircraft by creating an exploit framework and an Android app that delivers attack messages to an aircraft’s Flight Management Systems. – Help Net Security
13. April 10, Help Net Security – (International) Hijacking airplanes with an Android phone. A security consultant from n.runs AG in Germany demonstrated the ability to take complete control of commercial aircraft by taking advantage of two new technologies and by creating an exploit framework (SIMON) and an Android app (PlaneSploit) that delivers attack messages to an aircraft’s Flight Management Systems. Source: http://www.net-security.org/secworld.php?id=14733
Banking and Finance Sector
6. April 11, Financial Industry Regulatory Authority – (District of Columbia) FINRA files Temporary Cease-and-Desist Order against Success Trade Securities and CEO to half fraud. The Financial Industry Regulatory Authority filed a Temporary Cease-and-Desist Order against Success Trade Securities and its CEO to halt fraud after the Washington D.C.-based company allegedly sold more than $18 million in promissory notes while misrepresenting or omitting material facts. Source: http://www.finra.org/Newsroom/NewsReleases/2013/P239716
7. April 10, Associated Press – (Texas; Virginia) Insurance company accused of fraud over Virginia Tech student health insurance. Frisco, Texas-based GM-Southwest Inc. and its former owner were charged with conspiracy, racketeering, money laundering, and fraud for overstating claims on student health insurance provided to Virginia Tech students by $9 million. Source: http://www.journalnow.com/business/business_news/national_international/article_465fc8c2-a180-11e2-a5cc-001a4bcf6878.html
8. April 10, Reuters – (California) Five arrested in Hollywood-style Los Angeles-area bank heists. Five men were arrested for allegedly forming a sophisticated group that robbed Los Angeles-area banks by cutting through the banks’ roofs, stealing a total of $6 million. Source: http://news.yahoo.com/five-arrested-hollywood-style-los-angeles-area-bank-210605925.html
Information Technology Sector
41. April 11, The Register – (International) AMI PC firmware upgrades scare: The global security meltdown that wasn’t. American Megatrends Inc (AMI) stated that the firmware update signing key found by researchers on an open server along with the source code to the firmware was a default test key. Source: http://www.theregister.co.uk/2013/04/11/ami_uefi_key_leak/
42. April 11, Help Net Security – (International) ZeroAccess Bitcoin botnet shows no signs of slowing. Research by FortiGuard Labs found that the biggest threat in the past quarter came from the ZeroAccess Bitcoin mining malware, among other findings in their report. Source: http://www.net-security.org/malware_news.php?id=2464
43. April 11, Wired.com – (International) Gaming company certificates stolen and used to attack activists, others. Kaspersky Lab researchers found that at least 35 gaming developers had their systems compromised in the past year and a half, with digital certificates stolen and used in others attacks. Source code was also stolen to attempt to artificially increase in-game currencies. Source: http://www.wired.com/threatlevel/2013/04/gaming-company-certs-stolen/
44. April 10, Associated Press – (Minnesota) Ice storm topples radio tower in Worthington. Four radio stations were knocked off the air after an ice storm toppled part of a radio tower in Worthington. Two stations were restored April 10, while two others were expected to return to the air within 2 days. Source: http://kstp.com/news/stories/S2993665.shtml?cat=1 45. April 10, KIWA 1550 AM Sheldon– (Iowa) KIWA Radio has to back down power to prevent transmitter damage due to ice on antenna bays, tower. KIWA 1550 AM reported that the Sheldon station reduced power due to accumulated ice on its tower and antenna bays. The station would return to full power as the ice melts. Source: http://kiwaradio.com/local-news/kiwa-radio-has-to-back-down-power-to-prevent-transmitter-damage-due-to-ice-on-antenna-bays-tower/
46. April 10, Brandon Valley Challenger – (South Dakota) Power outages disrupting 911 service. A winter storm knocked power out in Brandon, South Dakota, and affected cable, Internet, TV, and 9-1-1 services for approximately 3,300 Alliance Communications customers. Cell phones were unaffected and could be used to call emergency services. Source: http://www.brandoninfo.com/article/20130410/NEWS/130410014
47. April 10, Northwest Public Radio– (Washington) KWWS off air until Thursday. Network engineers suspected the cause of a KWWS 89.7 FM Walla Walla outage was damage from strong winds at the transmitter site and speculated that the radio station would return to the air sometime April 11. Source: http://nwpr.org/post/kwws-air-until-thursday
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to firstname.lastname@example.org or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to email@example.com.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at firstname.lastname@example.org or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at email@example.com or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.