Wednesday, December 3, 2014



Complete DHS Report for December 3, 2014

Daily Report

Top Stories

 · An electrical grid failure in downtown Detroit caused a loss of power to government buildings, schools, and several other commercial buildings December 2, and prompted the rescue of dozens of people from affected structures. – WWJ 62 Detroit
1. December 2, WWJ 62 Detroit – (Michigan) Detroit goes dark: Massive power outage affects courthouse, fire stations, public schools, DIA and more. An electrical grid failure in downtown Detroit caused a loss of power to the Frank Murphy Hall of Justice, Coleman A. Young Municipal Center, public schools, the Joe Louis Arena, the City-County building, and several other commercial buildings December 2. Detroit Public Schools dismissed students early while The Detroit Historical Museum and Detroit Institute of Arts closed as crews worked to restore power following the rescue of dozens of people from affected buildings. Source: http://detroit.cbslocal.com/2014/12/02/massive-detroit-power-outage-affects-courthouse-wsu-dia-and-more/

 · Two Lansing, Michigan men pleaded guilty December 1 to selling fake insurance certificates to owners of storage tanks at gas stations, making the tanks appear as though they were in compliance with the law. – Lansing State Journal
2. December 2, Lansing State Journal – (Michigan) Two Lansing insurance agents face prison for fraud scheme. Two Lansing insurance agents pleaded guilty December 1 to creating and selling fraudulent insurance certificates to owners and operators of underground storage tanks at gas stations that were inoperable due to age or condition from 2011 to 2013, making the tanks appear as though they were in compliance with the law. The scheme placed residents of more than 30 cities at risk of harm after the owners and operators purchased the fake certificates instead of replacing the tanks. Source: http://www.lansingstatejournal.com/story/news/local/2014/12/01/underground-storage-tanks/19757367/

 · The National Transportation Safety Board issued a report December 1 that found that a series of failures by Boeing, the Federal Aviation Administration, and GS Yuasa contributed to battery malfunctions onboard two Boeing 787 Dreamliner aircraft in January 2013 that led to the fleet of aircraft being grounded. – Wall Street Journal
5. December 1, Wall Street Journal – (International) Air-safety board cites failures before Dreamliner’s battery fire. The National Transportation Safety Board issued a report December 1 that found that a series of failures by Boeing, the Federal Aviation Administration, and battery manufacturer GS Yuasa contributed to a battery fire and a battery overheating incident onboard two Boeing 787 Dreamliner aircraft in January 2013 that led to the fleet of aircraft being grounded. Source: http://online.wsj.com/articles/faa-boeing-and-gs-yuasa-all-faulted-over-dreamliner-battery-fire-ntsb-says-1417465012

 · Sony Pictures Entertainment issued a statement December 1 confirming that the company is continuing to respond to issues created by a cyberattack that occurred during the week of November 24. – Associated Press See item 21 below in the Information Technology Sector

Financial Services Sector

7. December 2, Associated Press – (Missouri) Florida men plead guilty in St. Louis to fraud scheme. Two Miami, Florida men pleaded guilty December 1 in U.S. District Court in St. Louis to stealing personal information from over 400 people in 2011 and 2012 and using the information to file fraudulent tax returns seeking more than $2.25 million in refunds, leading to around $500,000 in losses. Source: http://www.kmov.com/news/crime/Florida-men-plead-guilty-in-St-Louis-to-fraud-scheme-284459641.html

Information Technology Sector

21. December 2, Associated Press – (International) FBI investigating Sony Pictures hack possibly linked to leaked footage of ‘Annie,’ Mr. Turner’ movies. Sony Pictures Entertainment issued a statement December 1 confirming that the company is continuing to respond to issues created by a cyberattack that occurred during the week of November 24. The FBI confirmed that the agency is investigating the incident. Source: http://www.newsday.com/entertainment/movies/fbi-investigating-sony-pictures-hack-1.9672119
22. December 2, Securityweek – (International) OpenVPN versions released since 2005 affected by critical flaw. The developers of the open-source virtual private network software OpenVPN released a new version of the software to address a critical denial of service (DoS) vulnerability which could allow authenticated attackers to cause servers to crash. The vulnerability affects all OpenVPN 2.x versions released since 2005 as well as OpenVPN Access Server versions prior to version 2.0.11. Source: http://www.securityweek.com/openvpn-versions-released-2005-affected-critical-flaw
23. December 2, Securityweek – (International) Mozilla fixes vulnerabilities, disables SSL 3.0 in Firefox 34. Mozilla released the latest version of its Firefox browser, Firefox 34, closing three critical vulnerabilities and five others, as well as disabling Secure Sockets Layer (SSL) 3.0 support to protect users against POODLE attacks. Source: http://www.securityweek.com/mozilla-fixes-vulnerabilities-disables-ssl-30-firefox-34
For another story, see item 26 below in the Communications Sector

Communications Sector

24. December 2, WCHS 8 Charleston – (Kentucky) Deputies searching for suspects who stole cable from cell phone tower. Law enforcement officials are searching for suspects involved in stealing 2 rolls of fiber optic cable from the Appalachian Wireless cell tower on U.S. 460 near Paintsville November 25. The stolen rolls weigh between 300 to 400 pounds and are about 300 feet long. Source: http://www.wchstv.com/news/features/eyewitness-news/stories/Deputies-Searching-For-Suspects-Who-Stole-Cable-From-Cell-Phone-Tower-60941.shtml

25. December 1, Lincoln Journal Star – (Nebraska) Windstream outage affects 250 Lincoln customers. Approximately 250 Windstream customers in Lincoln remained without Internet service when a network device at Windstream’s office stopped working November 28. Service was expected to be restored December 2. Source: http://journalstar.com/news/local/windstream-outage-affects-lincoln-customers/article_43f60d00-88a1-502f-bf37-80a9b7127b4c.html

26. December 1, Securityweek – (International) XSS vulnerability in Alcatel-Lucent carrier-grade switches. Researchers from Swisscom’s Computer Security Incident Response Team (CSIRT) released details of a cross-site scripting (XSS) vulnerability in the Alcatel-Lucent 1830 Photonic Service Switch equipment for cable multiple-system operator (MSO) networks following the disclosure of the vulnerability June 13. Alcatel-Lucent stated that the vulnerability was not considered a high-priority issue. Source: http://www.securityweek.com/xss-vulnerability-found-alcatel-lucent-carrier-grade-switches

27. November 30, Orlando Sentinel – (Florida) Alleged cell tower copper bandit captured. An alleged copper bandit was identified and detained by Plant City police for allegedly stealing copper from cellphone towers of a Polk County company he was recently fired from where he knew the combinations to the company’s locks. He is also a suspect in similar thefts in Hillsborough County and is charged with grand theft, burglary, and possession of burglary tools. Source: http://www.orlandosentinel.com/news/breaking-news/os-cell-tower-thief-arrested-20141130-story.html