Tuesday, March 4, 2014




Complete DHS Report for March 4, 2014

Daily Report

Details

 • A severe winter storm dumped snow and brought freezing temperatures throughout the Midwest and East Coast, prompting the closure of federal government offices, school closures, flight cancellations, and causing thousands to lose power March 3. – CNN

1. March 3, CNN – (National) One more time: Snow, sleet, misery fall on East Coast. A severe winter storm dumped snow and brought freezing temperatures throughout the Midwest and East Coast, prompting the closure of federal government offices, school closures, about 2,000 flight cancellations, and causing thousands to lose power across several States March 3. Source: http://www.cnn.com/2014/03/03/us/winter-storm/index.html

 • Las Vegas Sands announced that cyberattacks compromised employee and customer data from its Sands Bethlehem casino in Bethlehem, Pennsylvania, potentially exposing banking and personal information. – Softpedia See item 11 below in the Financial Services Sector

 • The owner of a Palatine, Illinois-based industrial equipment company and the owner of former machine tools company based in Carlisle, Pennsylvania, were indicted February 28 for allegedly running a scheme to fraudulently obtain $190 million in financing. – U.S. Attorney's Office, Northern District of Illinois See item 13 below in the Financial Services Sector

 • A portion of the northbound lanes of Interstate 25 in south Denver were shut down for several hours after sudden snow caused about 104 vehicles to crash in a roughly 2-mile stretch of highway March 2. – Associated Press

16. March 2, Associated Press – (Colorado) 1 killed, 30 injured in massive Colorado pileup. A portion of the northbound lanes of Interstate 25 in south Denver were shut down for several hours after sudden snow caused about 104 vehicles to crash in a roughly 2-mile stretch of highway March 2, killing 1 person and injuring several others. Source : http://www.vcstar.com/news/2014/mar/02/1-killed-30-injured-in-massive-colorado-pileup/

Financial Services Sector

11. March 1, Softpedia – (International) Casino operator Las Vegas Sands admits hackers have stolen customer data. Las Vegas Sands announced that cyberattacks which defaced some of its Web sites also compromised employee and customer data from its Sands Bethlehem casino in Bethlehem, Pennsylvania, potentially exposing credit card and bank account information, Social Security numbers, and other personal information. The company is continuing its investigation of the breach. Source: http://news.softpedia.com/news/Casino-Operator-Las-Vegas-Sands-Admits-Hackers-Stole-Customer-Data-430017.shtml

12. February 28, WMAQ 5 Chicago – (Illinois) First American Bank reports data breach in Chicago taxis. First American Bank announced that it has received reports of fraudulent charges after customers used taxis in Chicago that utilize two companies to process transactions. The bank is continuing to investigate the fraudulent transactions. Source: http://www.nbcchicago.com/news/local/First-American-Bank-Alleges-Data-Breach-from-Chicago-Taxis-247899551.html

13. February 28, U.S. Attorney's Office, Northern District of Illinois – (Illinois; Pennsylvania) Two executives indicted in alleged $190 million equipment financing fraud scheme that caused $100 million loss to lenders. The owner of Palatine, Illinois-based Equipment Acquisition Resources Inc., and the owner of former Machine Tools Direct Inc., based in Carlisle, Pennsylvania, were indicted February 28 for allegedly running a scheme to fraudulently obtain $190 million in financing, causing $100 million in losses for lenders. Source: http://www.fbi.gov/chicago/press-releases/2014/two-executives-indicted-in-alleged-190-million-equipment-financing-fraud-scheme-that-caused-100-million-loss-to-lenders

14. February 28, IDG News Service – (International) Gameover malware tougher to kill with new rootkit component. Sophos researchers reported that a new variant of the Gameover banking malware that steals online banking credentials includes a kernel-level rootkit called Necurs that can make the malware more difficult to remove from infected systems. Source: http://www.networkworld.com/news/2014/022814-gameover-malware-tougher-to-kill-279308.html

15. February 27, WPVI 6 Philadelphia – (Delaware; Pennsylvania) Masked post office bandit indicted on bank robbery charges. A man was indicted for allegedly robbing two banks and two post offices in Delaware County, Pennsylvania, and Wilmington, Delaware, during January. Source: http://abclocal.go.com/wpvi/story?id=9447273

Information Technology Sector

30. March 3, Softpedia – (International) Meetup down for days due to DDoS attack allegedly ordered by a competitor. Social networking portal Meetup was hit by a distributed denial of service (DDoS) attack beginning February 27 that took the portal's Web site offline for several days. An attacker contacted the company, claimed responsibility, and demanded a payment to end the attack. Source: http://news.softpedia.com/news/Meetup-com-Down-for-Days-Due-to-DDOS-Attack-Allegedly-Ordered-by-a-Competitor-430290.shtml

31. March 1, Softpedia – (International) Uroburos: Espionage rootkit allegedly created by Russian intelligence agency. Researchers at G Data analyzed a sophisticated rootkit dubbed Uroburos that can compromise Windows systems in order to execute commands, steal files, capture traffic, and add new modules to itself. The researchers believe the rootkit was created by a Russian intelligence agency and has been in operation since 2011. Source: http://news.softpedia.com/news/Uroburos-Espionage-Rootkit-Allegedly-Created-by-Russian-Intelligence-Agency-430030.shtml

For another story, see item 14 above in the Financial Services Sector

Communications Sector

Nothing to report