Wednesday, July 10, 2013




Daily Report

Top Stories

 • The Baldwin County, Alabama Health Department reported an estimated 100,000 to 1,000,000 gallons of sewage overflowed into Rock Creek July 8 from a lift station after heavy rainfall. – WPMI 15 Mobile

23. July 8, WPMI 15 Mobile – (Alabama) Possibly 1 million gallons of sewage overflows into Rock Creek. The Baldwin County Health Department reported an estimated 100,000 to 1,000,000 gallons of sewage overflowed into Rock Creek July 8 from a lift station after heavy rainfall, and urged residents to exercise caution if using Rock Creek for recreation. Source: http://www.local15tv.com/news/local/story/Possibly-1-Million-Gallons-of-Sewage-Overflows/X0oNZLkGlUu_JsjfNoPfWQ.cspx

 • Nevada’s Bison Fire burned up to 25,733 acres as firefighters continued to battle the blaze, reaching 25 percent containment July 8 – Reno Gazette-Journal

30. July 9, Reno Gazette-Journal – (Nevada) Bison Fire now 25,733 acres but 25 percent contained. Nevada’s Bison Fire burned up to 25,733 acres as firefighters continued to battle the blaze, reaching 25 percent containment July 8. Source: http://www.rgj.com/article/20130709/NEWS06/307090022/Bison-Fire-keeps-growing-south-Reno-watch-timelapse-video-

 • Security researchers warned that the U.S. Emergency Alert System is vulnerable to attacks allowing hackers to remotely disseminate fake reports and tamper with gear after a recent firmware update included a private key. – Ars Technica

34. July 8, Ars Technica – (National) We interrupt this program to warn the Emergency Alert System is hackable. Security researchers warned the U.S. Emergency Alert System is vulnerable to attacks allowing hackers to remotely disseminate fake reports and tamper with gear. A recent firmware update for DASDEC systems included a private key that can give criminals the ability to disrupt stations and transmit false messages to the general public covering large geographical areas. Source: http://arstechnica.com/security/2013/07/we-interrupt-this-program-to-warn-the-emergency-alert-system-is-hackable/

 • Proof-of-concept (PoC) code for a critical vulnerability in the Android mobile operating system, that allows attackers to modify the code of any app without breaking its cryptographic signature, was released by a researcher. – Help Net Security See item 35 below in the Information Technology Sector

Details

Banking and Finance Sector

6. July 8, KIRO 7 Seattle – (Washington) ‘Big Top Bandit’ sought in takeover bank robberies. Authorities in King County are investigating five takeover-style bank robberies that occurred between January and July 1 that are considered linked and involve two violent, armed suspects. Source: http://www.kirotv.com/news/news/photos-big-top-bandits-sought-takeover-bank-robber/nYjHb/

Information Technology Sector

35. July 9, Help Net Security – (International) POC code for critical Android bug published. Proof-of-concept (PoC) code for a critical vulnerability in the Android mobile operating system was released by a researcher. The vulnerability allows attackers to modify the code of any app without breaking its cryptographic signature, and the PoC may allow the vulnerability to be exploited. Source: https://www.net-security.org/secworld.php?id=15198

36. July 9, Softpedia – (International) Experts observe RedKit exploit kit attack on Segway website. Researchers at Symantec published an analysis of a June attack on the Segway Web site that utilized the RedKit exploit kit to drop Waledac, ZeroAccess, and Ponik malware. Source: http://news.softpedia.com/news/Experts-Observe-RedKit-Exploit-Kit-Attack-on-Segway-Website-366739.shtml

37. July 9, Softpedia – (International) McAfee details 4-year cyber espionage campaign against South Korea. Symantec published a report on a 4-year cyberespionage campaign that targeted South Korean financial, government, military, and broadcasting organizations dubbed ‘Operation Troy’. Source: http://news.softpedia.com/news/McAfee-Details-4-Year-Cyber-Espionage-Campaign-Against-South-Korea-366571.shtml

Communications Sector

38. July 7, Hagerstown Herald Mail – (West Virginia) Jefferson County Frontier Communications customers lose service Sunday. A fiber line break July 7 caused 5,000 Jefferson County Frontier Communications customers to lose telephone and Internet services for several hours. Source: http://articles.herald-mail.com/2013-07-07/news/40426548_1_service-disruption-fiber-line-customers



Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.