Complete DHS Report for August 4, 2015
Daily Report
Top Stories
· A line of thunderstorms in southeastern
Michigan cut power to approximately 92,000 DTE Energy customers August 2 and
63,000 customers remained without service August 3 while crews worked to
restore service by August 4. – Detroit News
1. August 3,
Detroit News – (Michigan) Storms pummel state, produce tornado. A line
of thunderstorms in southeastern Michigan cut power to approximately 92,000 DTE
Energy customers August 2 and 63,000 customers remained without service August
3 while crews worked to restore service by August 4. The storm caused flooding
which prompted the closure of northbound Interstate 75 ramp at Interstate 94 in
Detroit and the southbound Interstate 75 ramp to eastbound Interstate 94.
· Indiana officials announced that an
estimated 1.5 million State residents and 3.9 million individuals from 11
healthcare providers and 44 radiology clinics nationwide may have been impacted
by a May breach of Medical Informatics Engineering and its subsidiary
NoMoreClipboard’s networks. – Softpedia
19. August 3,
Softpedia – (National) Data of 4 million patients lost in MIE hacking. The
Indiana Attorney General announced that an estimated 1.5 million State
residents and 3.9 million individuals from 11 healthcare providers and 44
radiology clinics nationwide may have been impacted by a May breach of Medical
Informatics Engineering and its subsidiary NoMoreClipboard’s networks.
Officials continue to investigate the attack, which allowed hackers to gain
access to patients’ personal and medical information.
· Crews continued to work August 3 to
contain at least 21 wildfires in California including the 54,000-acre Rocky
Fire stretching across 3 counties that threatens over 12,100 individuals and
more than 5,100 structures. – CNN
23. August 3,
CNN – (California) California wildfires torch 134,000 acres – and
counting. Crews continued to work August 3 to contain at least 21 wildfires
in California including the 54,000-acre Rocky Fire stretching across 3 counties
that threatens over 12,100 individuals and more than 5,100 structures. The
wildfires have collectively burned over 134,000 acres across the State, causing
the governor to declare a state of emergency July 31.
· Walmart, Sears, and Amazon agreed to
pay the State of New York over $300,000 in penalties and halt sales of
life-like toy guns August 3 after over 6,400 toy guns sold from 2012 – 2014
violated New York laws. – Associated Press
34. August 3,
Associated Press – (New York) Retailers to pay New York $300,000 in toy gun
settlement. Walmart, Sears, and Amazon agreed to pay the State of New York
over $300,000 in penalties and halt sales of life-like toy guns August 3 after
over 6,400 toy guns sold from 2012 – 2014 violated New York laws.
Financial Services Sector
6. July 31,
U.S. Securities and Exchange Commission – (International) SEC charges
man with microcap fraud involving shares of Cynk Technology Corp. The U.S.
Securities and Exchange Commission charged a Canadian man July 31 with
allegedly using straw shareholders, foreign dummy corporations, and fake
corporate officers worldwide to conceal his control of shares of Cynk
Technology Corp., which he intended to liquidate when the stock’s price
increased.
Information Technology Sector
28. August 3,
Help Net Security – (International) Fake “Windows 10 Free Upgrade” emails deliver
ransomware. Security researchers from Cisco’s Talos Group discovered a
ransomware campaign in which attackers purporting to be from Microsoft send
victims emails with a fake Windows 10 installer attached that is actually a
variant of the CTB-Locker crypto-malware. Source: http://www.net-security.org/malware_news.php?id=3082
29. August 3,
Softpedia – (International) Chrome extensions can be disabled without
user interaction. Security experts from Detectify Labs discovered that an
attacker could disable a list of Google Chrome security extensions upon
visiting a site using the “ping” attribute inside a regular link, effectively
removing safeguards without the user’s knowledge. Google Chrome was notified of
the vulnerability and released a patch addressing the issue. Source: http://news.softpedia.com/news/chrome-extensions-can-be-disabled-without-user-interaction-488340.shtml
30. August 3,
IDG News Service – (International) DNS server attacks begin using BIND software
flaw. Security researchers from Sucuri reported that attackers have begun
exploiting a denial-of-service (DoS) flaw in all versions of BIND 9 open-source
Domain Name System (DNS) software that was patched the week of July 27. The
company confirmed that two clients in different sectors had experienced
attacks. Source: http://www.computerworld.com/article/2955290/security/dns-server-attacks-begin-using-bind-software-flaw.html
31. August 3,
Help Net Security – (International) The leading cause of insider threats?
Employee negligence. The Ponemon Institute released findings from a survey
on insider information technology (IT) threats in U.S. and German firms,
revealing that in addition to malicious intent, employee negligence is a
significant cause of security incidents that lead to decreases in IT
productivity, which can cost a company as much as $1.5 million in losses per
year. The report cited long hours and multitasking as common elements leading
to negligence, among other findings. Source: http://www.net-security.org/secworld.php?id=18697
For additional stories, see item 5 below from the Critical Manufacturing Sector,
item 19 above in Top Stories, and items 20 and 21 below from the Healthcare and
Public Health Sector.
5. July 31,
Securityweek – (International) Flaw in fingerprint access devices could make
it easy to open doors. Security researchers at CERT Coordination Center
(CERT/CC) discovered two flaws in several models of fingerprint access
controllers developed by Taiwan-based Chiyu Technology in which an
unauthenticated attacker with network access could view and modify the device’s
configuration by accessing known paths.
20. August 3,
Securityweek – (National) FDA issues alert over vulnerable Hospira drug
pumps. Healthcare organizations were alerted by the U.S. Food and Drug
Administration July 31 regarding cyber security risks associated with the use
of Hospira Symbiq infusion systems following flaws discovered in 2014, which
included security holes that can be remotely exploited by hackers in order to
gain access to the devices and possibly change the dosage they deliver. The
company has been working on developing a software update and the vendor is
working to remove all of the infusion systems from the market until a permanent
replacement is available.
21. August 1,
Sioux City Journal – (South Dakota) Siouxland Pain Clinic says patient information
likely exposed by hacker. The Siouxland Pain Clinic in Dakota Dunes
reported July 31 that patients’ health and other personal information was
likely exposed during an attack on the clinic’s server between March 26 and
April 2, and that there was no evidence that the information was misused. The
clinic continues to evaluate the attack after being notified of the breach June
26.
Communications Sector
32. August 3,
Brownsville Herald – (Texas) Jack FM burglar charged. An Alamo man was
indicted July 31 on two counts of burglary charges after allegedly breaking
into KJAV-FM, also known by its “Jack FM” brand, and stealing and damaging radio
equipment. Estimated theft and damage costs total over tens of thousands of
dollars and forced the station to go offline for an unknown amount of time. Source:
http://www.brownsvilleherald.com/news/valley/article_1f7f4e1c-3986-11e5-908a-eb1c06182ed1.html
For another story, see item 38 below from the Commercial Facilities Sector.
38. August 3,
Associated Press – (Illinois) One dead, thousands without power after storms. A
Wood Dale, Illinois official reported August 3 that 1 person was killed and 20
others injured at the annual Prairie Fest after a tent collapsed due to a
sudden storm that brought high winds, hail, and rain, August 2. About 17,900
people were without power August 3, down from a peak of 95,000.