Tuesday, August 26, 2014




Complete DHS Report for August 26, 2014

Daily Report

Top Stories

 · A spark in a vacuum that pulls dust off grain caused explosions and a fire August 22 at a Bunge North America grain silo in Evendale, Ohio, blowing out the windows to the structure and sparking several hot spots. – Cincinnati Enquirer

13. August 24, Cincinnati Enquirer – (Ohio) Grain silo fire could take days to extinguish. Authorities reported that a spark in a vacuum that pulls dust off grain was the cause of a series of explosions and a fire August 22 at a Bunge North America grain silo in Evendale, and that a system which runs water throughout the structure in case of a fire did not work. Firefighters remained at the scene to extinguish hot spots through August 24 and authorities must inspect the 214-foot tall structure that had all of its windows blown out during the explosions. Source: http://www.cincinnati.com/story/news/2014/08/22/fire-explosion-reported-at-evendale-factory/14440237/

 · Sony PlayStation Network and Sony Online Entertainment users experienced issues and were unable to sign in August 24 after the services were hit by a distributed denial of service (DDoS) attack that was claimed to peak at 263.35 Gbps. – Softpedia See item 26 below in the Information Technology Sector

 · Internet services were restored to hundreds of thousands of Charter Communications Inc. customers throughout the nation August 24 following a widespread outage August 23. – WEAU 13 Eau Claire See item 29 below in the Communications Sector

 · An earthquake struck northern California August 24, damaging several buildings and vineyards, sparking a fire in a mobile home park, causing water main leaks, and leaving more than 15,000 customers without power in Napa, Sonoma, and Santa Rosa Counties. – ABC News; Associated Press

31. August 24, ABC News; Associated Press – (California) Strong California quake causes injuries, damage. A magnitude-6.0 – 6.1 earthquake dubbed the South Napa Earthquake struck August 24, damaging several commercial and government buildings, sparking a fire in a mobile home park, damaging vineyards, causing dozens of water main leaks, and leaving more than 15,000 customers without power in Napa, Sonoma, and Santa Rosa Counties. At least 120 individuals were treated for injuries, and Napa Valley Unified School District schools were closed August 25. Source: http://abcnews.go.com/US/northern-california-cleaning-strongest-earthquake-25-years/story?id=25110109

Financial Services Sector

6. August 23, KNSD 39 San Diego – (California) Bandit accused in four bank robberies busted. The FBI announced August 22 that a San Diego man was arrested August 19 for allegedly conducting at least four bank robberies in San Diego between July 25 and August 18. Source: http://www.nbcsandiego.com/news/local/San-Diego-Bank-Bandits-Ronald-Timberland-Arrested-Charged-272439651.html

For additional stories, see items 35 and 36 below from the Commercial Facilities Sector

35. August 23, Softpedia – (International) Backoff PoS malware impacts more than 1,000 businesses. The U.S. Department of Homeland Security issued an advisory August 22 encouraging retailers to evaluate their payment systems to determine if their assets may be vulnerable or compromised by a recently discovered point of sale (PoS) malware dubbed BackOff which is believed to have affected over 1,000 businesses since October 2013. The malware was recently leveraged to attack United Parcel Service (UPS) systems in 51 locations across the U.S. Source: http://news.softpedia.com/news/Backoff-PoS-Malware-Impacts-More-than-1-000-Businesses-456106.shtml

36. August 22, WCSH 6 Portland – (Maine) Data breach discovered at OTTO's Portland locations. OTTO Pizza reported August 22 that about 900 of its customers were notified that the company suffered a point-of-sale attack between May 1 and August 13 at its Portland locations and hackers may have accessed some customers’ payment card information. The hard drives of the affected terminals were replaced and additional firewall and monitoring software was installed after the breach was detected. Source: http://www.wcsh6.com/story/news/local/portland/2014/08/22/data-breach-discovered-at-ottos-portland-locations/14450607/

Information Technology Sector

26. August 25, Softpedia – (International) 263.35 Gbps of traffic aimed at one Sony server during DDoS attack. Users of Sony’s PlayStation Network and Sony Online Entertainment services experienced issues and were unable to sign in August 24 after the services were hit by a distributed denial of service (DDoS) attack that was claimed by the attacker to peak at 263.35 Gbps. A separate group attempted to take credit for the attack and tweeted a bomb scare regarding a Dallas-to-San Diego flight that was carrying a Sony executive. Source: http://news.softpedia.com/news/263-35-Gbps-of-Traffic-Aimed-At-One-Sony-Server-During-DDoS-Attack-456205.shtml

27. August 25, Softpedia – (International) FlashPack exploit kit shared through social media buttons add-on. Researchers with Trend Micro observed the FlashPack exploit kit being distributed to users through social media sharing buttons on Web sites. The exploit kit attempts to exploit vulnerabilities in Adobe Flash and is mostly targeting users in Japan at present. Source: http://news.softpedia.com/news/FlashPack-Exploit-Kit-Shared-Through-Social-Media-Buttons-Add-On-456317.shtml

28. August 23, Softpedia – (International) MeetMe social network systems breached. Social network MeetMe reported that it was compromised by attackers between August 5 and August 7 who were able to obtain an unspecified number of users’ encrypted user names, passwords, and email addresses. The company advised users to change their passwords as a precaution. Source: http://news.softpedia.com/news/MeetMe-Social-Network-Systems-Breached-456085.shtml

For additional stories, see item 10 below from the Transportation Systems Sector, item 29 below in the Communications Sector and items 35 and 36 above from the Commercial Facilities Sector in the Financial Services Sector

10. August 24, KTCT 11 Fort Worth – (Arizona) Bomb threat tweets cause AA plane to be diverted. An American Airlines fight en route to San Diego from Dallas was diverted to Phoenix Sky Harbor Airport August 24 due to a security-related issue when a hacker group called Lizard Squad tweeted to the airline about reports of an explosive onboard. The 185 passengers and crewmembers on board were evacuated off the plane as federal authorities investigated and determined the aircraft was clear. Source: http://dfw.cbslocal.com/2014/08/24/hackers-bomb-threat-tweets-cause-american-airlines-plan-to-be-diverted/

Communications Sector

29. August 24, WEAU 13 Eau Claire – (National) Charter: Internet services restored following outage. Internet services were restored to hundreds of thousands of Charter Communications Inc. customers throughout the nation August 24 following a widespread outage August 23. Source: http://www.weau.com/home/headlines/Charter-Communications-working-on-internet-outage-272445941.html

30. August 22, WRAL 5 Raleigh – (North Carolina) Goldsboro police: Man stole $80,000 in equipment from cellphone tower. A man in Pikeville was charged with felony possession of stolen goods August 21 for allegedly stealing more than $80,000 worth of equipment from a cellphone tower in Goldsboro. Source: http://www.wral.com/goldsboro-police-man-stole-80-000-in-equipment-from-cellphone-tower/13914958/