Homeland Security Daily Open Source Infrastructure
advertisement
Homeland Security Current Nationwide Threat Level ELEVATED Daily Open Source Infrastructure Report for 4 November 2009 Significant Risk of Terrorist Attacks For information, click here: http://www.dhs.gov Top Stories Reuters reports that an outbreak of food-borne illness, linked to dangerous bacteria in ground beef, sickened 28 people and may have caused two deaths in the U.S. Northeast, health officials said on November 2. (See item 24) The Los Angeles Times reports that lethal waste is seeping from mountain burial sites and moving toward aquifers, springs and streams that provide water to 250,000 residents of northern New Mexico. The Los Alamos National Laboratory seemed an ideal place to store a bomb factory’s deadly debris, but the heavily fractured mountains have not contained the waste, some of which has trickled down hundreds of feet to the edge of the Rio Grande, one of the most important water sources in the Southwest. (See item 28) Fast Jump Menu PRODUCTION INDUSTRIES • Energy • Chemical • Nuclear Reactors, Materials and Waste • Critical Manufacturing • Defense Industrial Base • Dams Sector SUSTENANCE AND HEALTH • Agriculture and Food • Water Sector • Public Health and Healthcare SERVICE INDUSTRIES • Banking and Finance • Transportation • Postal and Shipping • Information and Technology • Communications • Commercial Facilities FEDERAL AND STATE • Government Facilities • Emergency Services • National Monuments and Icons Energy Sector Current Electricity Sector Threat Alert Levels: Physical: ELEVATED, Cyber: ELEVATED Scale: LOW, GUARDED, ELEVATED, HIGH, SEVERE [Source: ISAC for the Electricity Sector (ES-ISAC) [http://www.esisac.com] 1. November 2, Environment News Service – (Louisiana) Louisiana copes with oil spill, high winds, flooding. An oil spill south of New Orleans and flooding across northern -1- and western parishes has made it a difficult weekend for Louisiana as strong winds, heavy rains and tornadoes struck the state beginning on October 28. Pacific Carriers’ cargo ship Pac Alkaid is now at a ship repair facility in New Orleans, after spilling 12,000 gallons of fuel oil near the mouth of the Mississippi River, off the Louisiana coast in the Gulf of Mexico. Coast Guard officials said divers have now patched a hole in the ship about five feet below the waterline that penetrated the vessel’s starboard fuel tank, which has a capacity of nearly 120,000 gallons of bunker oil. Oil continued leaking from the 179 meter long Singapore-flagged vessel over the weekend while divers waited for parts to arrive. The cause of the hole is currently unknown. The Pac Alkaid reported the discharge to the Coast Guard at 2 am Friday, when it was anchored five miles southeast of Southwest Pass. The Coast Guard ordered the vessel to move further offshore to lessen the impact of the oil on the shoreline. Winds and currents pushed the oil to the northwest, which has caused a sheen to wash up against the rocks of the Southwest Pass jetty. Source: http://www.ens-newswire.com/ens/nov2009/2009-11-02-091.asp 2. November 2, New Hampshire Union Leader – (New Hampshire) Where there’s smoke, not necessarily fire. Fire crews from more than a half-dozen communities were at Public Service of New Hampshire’s main power plant this morning for a reported two-alarm blaze but a company spokesman said there never was a fire. Some machinery oil dripped onto a pipe, causing insulation to smolder, according to a spokesman. The fire department was contacted and told of the incident while employees used dry chemicals to take care of the problem.The oil drip happened in a 6 by 9-foot area under a turbine, he said. “We had some oil from machinery drip down onto a steam pipe,” he said, explaining the oil caused insulation to smolder. As soon as employees realized it, they notified the fire department which did respond. Firefighters from Bow, Allenstown, Concord, Pembroke, Dunbarton, Hooksett and Henniker were dispatched to the plant, known as the Merrimack Station. The spokesman said no one lost power as a result of the incident. Source: http://www.unionleader.com/article.aspx?headline=Smoke,+no+fire+at+PSNH+power +plant&articleId=18000ff1-9f0f-401f-9e08-0de6fcd67c50 For another story, see item 44 [Return to top] Chemical Industry Sector 3. November 3, Rochester Democrat & Chronicle – (New York) Toxic gas scare in Ontario County. The combination of a dead body and possibly toxic chemicals found inside a parked car prompted the evacuation of homes in a half-mile radius of a park in Ontario County Monday evening. As the investigation into the incident at Boughton Park in East Bloomfield continued, police described a warning that was taped to the vehicle saying “not to open the car due to some sort of a release of toxic gas,” said the Ontario County Sheriff. Emergency crews responded to the scene around 4:45 p.m. -2- Monday after a hiker called 911 after finding the body of white male in a car in a designated parking area. Two five-gallon buckets filled with an unidentified, possibly toxic liquid were found in the back seat. Several hikers and an estimated 20 to 25 residents were evacuated from the area as a precaution. Investigators are still trying to determine the identity of the man, age 35 to 45. The Monroe County Medical Examiner’s Office has been called in to determine the cause of death. It is not clear whether the liquid in the buckets or a vapor from them caused the death. The process will be slowed because the body was likely contaminated with the unknown chemicals. Source: http://www.democratandchronicle.com/article/20091103/NEWS01/911030334/1002/N EWS [Return to top] Nuclear Reactors, Materials and Waste Sector 4. November 3, Burlington Free Press – (Vermont) Vermont Yankee misses deadline. A November 1 deadline set by legislative leaders came and went, and still no deal between Vermont Yankee and the state’s largest utilities on a post-2012 power contract. The house speaker said that means it will be “very difficult” for the Legislature to vote next year on whether Vermont Yankee should be allowed to continue operating after its license expires in 2012. The Vernon nuclear power plant needs the Legislature’s approval before the state Public Service Board can decide on a new 20-year operating agreement. “We need, as legislators, to appraise the power purchase agreement and how it impacts ratepayers and Vermonters,” said the state house speaker. He stopped short of saying the Legislature would refuse to take the matter up if an agreement comes together in the near future. Vermont Yankee officials talked to legislative leaders about extending their November 1 deadline, but could not reach an agreement, a Vermont Yankee spokesman said. The Legislature does not reconvene until January, but leaders have argued they need time to consider the details of any power deal. Source: http://www.burlingtonfreepress.com/article/20091103/NEWS02/91102011/VermontYankee-misses---deadline--5. November 3, Reuters – (New York) Entergy sees NY Indian Pt 2 reactor back soon. Entergy Corp (ETR.N) planned to restart the 1,020-megawatt Unit 2 at the Indian Point nuclear power station in New York soon, a spokesman said Tuesday. He said the company expected the outage to be of short duration — days not weeks. Unit 2 shut from full power on November 2 due to a generator lock out relay actuation, the company told the U.S. Nuclear Regulatory Commission (NRC) in a report. The company said in the report an investigation was ongoing and all systems responded as expected to shut the unit. The spokesman noted the plant had been running safely for more than 200 continuous days prior to the November 2 shutdown. He added the last outage for Unit 2 was in April, so this shutdown should not impact the NRC’s -3- performance indicators for unplanned shutdowns. Source: http://www.reuters.com/article/companyNews/idUSN0348556420091103 [Return to top] Critical Manufacturing Sector 6. November 3, KCAU 9 Sioux City – (Iowa) Fire destroys Siouxland concrete plant. Fifty foot flames have destroyed a business in one Siouxland town. A fire broke out at the Hancock Concrete Products Company in Lake View, Iowa about 7:20 on November 2. Eyewitnesses say they saw flames shoot up nearly 50 feet into the air. Fortunately, no one was inside the plant at the time, however the building is considered a total loss. It took a number of fire crews nearly four hours to control the fire. “We were called out at around 7:30 this evening [Monday] to a structure fire here at the Lake View tile plant. When we arrived on the scene, the fire was already through the roof,” Says the chief of the Lake View Fire Department. The cause of the fire is under investigation. Source: http://www.kcautv.com/Global/story.asp?S=11431684 7. November 3, WSYR 9 Syracuse – (New York) Fire out at auto recycling plant. A fire at an auto recycling plant in Brewerton, New York, is now under control. The fire started around 4 a.m. on November 3. An off-duty firefighter spotted the fire around 4 a.m. and called it in. Firefighters had a difficult time getting to the fire, because the facility is surrounded by an electrical fence. They also had a tough time contacting the owners of the plant to gain access. Flames and heavy black smoke were coming out of the plant by 5 a.m. Firefighters were able to get the fire under control about an hour later. There is no word yet on what caused the fire. Source: http://www.9wsyr.com/news/local/story/Fire-out-at-auto-recyclingplant/QEIWrJxXokqh1haosOKT8g.cspx 8. November 3, U.S. News and World Report – (National) Recall alert: Chevy Cobalt, Pontiac G5, Saturn Ion. General Motors has issued a recall order for about 52,000 Chevrolet Cobalt, Pontiac G5, and Saturn Ion vehicles from model years 2006 and 2007 in order to correct a defect that could lead to a vehicle fire. Only vehicles originally sold or currently registered in certain states in the southwestern U.S. are included in the recall. In a recall notice filed with the National Highway Traffic Safety Administration, the automaker explains, “the plastic supply or return port on the modular reservoir assembly may crack. If either of these ports develops a crack, fuel will leak from the area.” A fuel leak could affect vehicle performance, or, “in the presence of an ignition source, could result in a fire.” The recall affects 2006 Chevy Cobalts and Saturn Ions originally sold, or currently registered, in Arizona and Nevada, as well as 2007 Chevy Cobalts, Pontiac G5s and Saturn Ions originally sold or currently registered in Arizona, California, Florida, Nevada, and Texas. On affected vehicles, GM dealers “will replace the fuel pump module free of charge.” Owners should expect to receive a recall notice in the mail, but GM has not yet provided a schedule for when that notice will be delivered. The problem could extend to vehicles in other states as -4- well. GM’s recall notice states, “A special coverage will be implemented in the same time frame for model year 2006 vehicles registered in Alabama, Arkansas, California, Florida, Georgia, Hawaii, Louisiana, Mississippi, North Carolina, New Mexico, Oklahoma, South Carolina, Tennessee, and Texas and model year 2007 vehicles registered in: Alabama, Arkansas, Georgia, Hawaii, Louisiana, Mississippi, North Carolina, New Mexico, Oklahoma, South Carolina, and Tennessee.” The notice provides no details on what the “special coverage” might entail. In limited area recalls, automakers typically provide extended warranty coverage applying to the affected part in vehicles outside the targeted area Source: http://usnews.rankingsandreviews.com/cars-trucks/daily-news/091103-RecallAlert-Chevy-Cobalt-Pontiac-G5-Saturn-Ion/ [Return to top] Defense Industrial Base Sector 9. November 2, Aviation Week – (International) Raytheon tests JSOW-ER as anti-ship weapon. Raytheon has conducted the first free-flight test of a powered, extended-range version of its Joint Stand-Off Weapon (JSOW-ER) as the U.S. Navy prepares to begin an analysis of alternatives (AOA) for anti-ship missiles to replace the Harpoon. The October 1 test involved a JSOW glide weapon modified to demonstrate that a Hamilton Sundstrand TJ150 turbojet could be installed within the outer mold line of the basic “truck.” The weapon’s BLU-111 warhead was hollowed out to act as the fuel tank. The demonstration vehicle was released from a Navy F/A-18 over the Pacific Missile Test Range off Pt. Mugu, California, deployed its wing, started the engine and flew for more than 260 naut. mi., says the Raytheon program director. Raytheon’s threshold range target was 150 naut. mi. and objective was 250 naut. mi. Installing the fuel tank behind a smaller warhead would allow a production JSOW-ER to reach 300 naut. mi., she says. The test, funded with $4 million earmarked by Congress, demonstrated level flight, navigation via three-dimensional waypoints, and terminal maneuvering. Raytheon is looking for funding to continue work, saying the weapon could be fielded in four years as a follow-on to the unpowered, datalink-equipped JSOW C-1 now under development for the Navy. The extended-range weapon would retain the JSOW C’s imaging-infrared seeker for use against static land targets and the C-1’s datalink for use against moving maritime targets. The JSOW-ER is not a program of record, stresses Capt. Mat Winter, Navy precision strike weapons program manager, but will be one of the options assessed by the anti-surface warfare (ASuW) AOA to begin in January and expected to last 18-24 months, allowing a program start in Fiscal 2014. Source: http://www.aviationweek.com/aw/generic/story.jsp?id=news/JSOW110109.xml&headl ine=Raytheon Tests JSOW-ER As Anti-Ship Weapon&channel=defense 10. November 2, Online Defense and Acquisition Journal – (National) Rumors fly about JSF second engine. Rumors flew last week that General Electric (GE) faced the prospect of having to redesign its cumbustor and that the engine has so many problems that it would be off the test stand for at least six months. GE’s spokesman, said that he -5- was “positive no analysis has been done.” Then another source said, “The repeated failure of the GE engine has given rise to rumors that its combustor — the vital component that burns a mixture of fuel and compressed air — will have to be redesigned. One version of the rumor has GE giving up all its testing time at the Air Force’s Arnold Engineering Development Center until next April — the kind of lengthy delay typically associated with a design problem. If true, this would put the GE team in a financial bind, because it has already expended 70 percent of funding for the current phase of development.” He also claimed that the GE engine has “only managed to run for 52 hours and had four failures. At the same stage in development, the competing Pratt & Whitney engine had undergone 700 hours of SDD testing with no failures.” All this, of course, came after a routine inspection in early October revealed “dings and nicks” on the turbine blades, forcing GE/Rolls Royce to pull the engine off its test stand. So far no one has heard back from GE. Source: http://www.dodbuzz.com/2009/11/02/just-how-bad-are-f136problems/?wh=wh 11. November 2, Defense News – (International) U.S. has poor count of contractors on battlefield. The U.S. government’s inability to count contractors on the battlefield risks the security of U.S. troops, the Wartime Contracting Commission said November 2 Without knowing who and how many contractors are on the battlefield, the government runs the risk that contractors hire foreign nationals without proper background checks. The lack of an accurate count “makes the jobs of federal contract managers and auditors very difficult â ¦ and invites waste, fraud, and abuse,” a co-chairman of the commission said. “How can we assure taxpayers that they aren’t paying for ‘ghost’ employees?” Contractor employees embedded with troops are required to have background checks and biometric-based access cards. The danger to troops and U.S. civilian employees overseeing projects comes from contractors working off base, who are not required to have the biometric cards, he said. State reported nearly 9,000 contractor employees supporting contracts in Iraq and Afghanistan, but SPOT only showed 7,000, according to an October GAO report. Similarly AID told GAO the contractor headcount was 16,700 contractor employees, but the number was 445. The report recommended that the three agencies agree on uniform reporting requirements. The agencies already operate under a memorandum of understanding, but that kind of arrangement lacks the teeth to force the players to take the actions agreed on. And if the government wants to get combat contractor management right, every department in theater should report, he said. Although some agencies, like the Justice Department, voluntarily report, there is no legal requirement outside of Defense, State and AID to collect the information. Source: http://www.defensenews.com/story.php?i=4355966&c=AME&s=TOP 12. November 2, Defense News – (National) A different kind of hybrid. Electricity has been the military’s fuel of choice for the very large — 2,500-ton submarines — and the very small — 12-pound UAVs. But electricity has yet to break into the vast middle ground of tactical vehicles. Oshkosh hopes to change that with the HEMTT-A3, a hulking hybrid truck that the company says can cut fuel consumption by at least 20 percent, requires less maintenance than current trucks and can double as a power source -6- for field hospitals or command centers. The “heavy expanded mobility tactical truck” is headed to Army proving grounds this fall to undergo durability, reliability and performance tests. The Army has a few hybrid electric Humvees for testing purposes — probably less than 10. And it has tested hybrid utility vehicles, hybrid maneuver vehicles and vehicles powered by fuel cells that generate electricity. But they have not generated wide enthusiasm. Oshkosh is optimistic that its vehicle may be the first. The generator also produces electricity that is stored in two dozen ultracapacitors. Unlike batteries, the soda-can-size ultracapacitors are electrostatic devices that can charge and discharge in seconds, enabling them to store electricity generated when the vehicle is coasting or braking, and then quickly expend it when the vehicle needs to accelerate. The ProPulse hybrid drive train “can be integrated into any new vehicle design,” the company says. And upgrade kits are available to convert existing vehicles to hybrids. Source: http://www.defensenews.com/story.php?i=4354248&c=FEA&s=TEC For another story, see item 28 [Return to top] Banking and Finance Sector 13. November 3, Washinton Post – (International) British plan breakup of bailed-out banks. The British government is moving to break up parts of major financial institutions bailed out by taxpayers, with a restructuring plan expected to be unveiled as soon as November 3. The move highlights a growing divide across the Atlantic over how to deal with the massive banks partially nationalized during the height of the financial crisis. The British government — spurred on by European regulators — is set to force the Royal Bank of Scotland, Lloyds Banking Group and Northern Rock to sell off parts of their operations. The Europeans are calling for more and smaller banks to increase competition and eliminate the threat posed by banks so large that they must be rescued by taxpayers, no matter how they conducted their business, in order to avoid damaging the global financial system. The move to downsize some of Britain’s largest banks comes as U.S. politicians are debating whether American banks should also be required to shrink. The the U.S. President’s administration has maintained that large banks should be preserved because they play an important role in the economy and that taxpayers instead should be protected by creating a new system for liquidating large banks that run into problems. But Britain’s decision already is being cited by a growing chorus of experts, including prominent bankers and economists, who want the United States to pursue a similar approach. The changes would amount to a massive restructuring of the British financial system, among the hardest hit by the global crisis, that could result in what the government has described as the creation of three new commercial banks. The Royal Bank of Scotland — now 70 percent owned by British taxpayers — announced November 2 that regulators were demanding that it sell off more of its businesses than originally expected. According to British media reports, RBS would be told to sell off more than 300 retail branches in the United Kingdom, as well as several insurance businesses. The sell-offs would pave the way for tens of billions of dollars more in previously announced cash injections from the governments. -7- Source: http://www.washingtonpost.com/wpdyn/content/article/2009/11/02/AR2009110203593.html 14. November 3, Bank Info Security – (National) Six more banks, credit unions hit in phone scam. Banking customers in two additional states have been hit by the telephone-based fraud scheme that already has struck institutions in several other states. Customers of several banks and at least one credit union in southeastern Wisconsin, as well as one credit union in Hawaii, report receiving automated phone messages that appear to be coming from their institution, telling them their debit card has been compromised. It then prompts the customer to enter their card information. Hawaii Central Credit Union in Honolulu, HI reports that its customers received the automated messages asking for account information last week. Citizens Bank of Mukwonago, Park Bank in Milwaukee, Burlington’s First Banking Center, Maritime Savings Bank and Educators Credit Union are among Wisconsin financial institutions that have reported such calls since October 24, says the security officer for Citizens Bank of Mukwonago. Source: http://www.bankinfosecurity.com/articles.php?art_id=1901 15. November 2, The Register – (International) US gov warns banks on money mules. The government agency that insures U.S. banks has warned its members to be on the lookout for an increase in money mules used to launder money that has been electronically stolen from deposit accounts. In a memo issued recently, the Federal Deposit Insurance Corporation told member banks the mules can often be spotted by common characteristics. The tell-tale signs include: someone with a newly opened account who receives unusually large numbers of electronic transfers, account holders who receive electronic transfers and shortly afterward originate outgoing wire transfers or cash withdrawals that are 8 to 10 percent less (accounting for the mule’s commission), and foreign exchange students with a J-1 visa and a fraudulent passport who opens a student account that has a high volume of incoming and outgoing electronic transfers. “Money mule activity is essentially electronic money laundering,” the memo stated. “Strong customer identification, customer due diligence, and highrisk account monitoring procedures are essential for detecting suspicious activity, including money mule accounts.” Over the past few years, cybercrooks, many located in Eastern Europe, have increasingly relied on mules located in the U.S. to receive stolen funds and then funnel the money overseas before the fraud is detected. According to Security Fix, such scams have plundered at least $40m from small- to mid-sized businesses. Source: http://www.theregister.co.uk/2009/11/02/money_mule_warning/ 16. November 2, LA Daily News – (California) Westlake Village man to be sentenced for $65 million life insurance scam. A Westlake Village man could get as many as 27 years behind bars when he is sentenced on Monday in Los Angeles federal court for bilking about 70 wealthy investors out of $65 million in a life insurance scam targeting South Los Angeles church parishioners. The guilty party pleaded guilty one year ago to conspiracy, six counts of mail fraud, four counts of wire fraud and eight counts of money laundering in U.S. District Court in downtown Los Angeles during jury -8- selection in his trial. The guilty party and a co-defendant, both 41, claimed that the investors’ money would be invested in bond trading programs or used to buy pools of existing life insurance policies owned by African-American church members in Watts and Compton, prosecutors said. The two men told investors they would buy the policies for a small percentage of what they were worth, and that when the policyholders died, they would get a $240,000-per-policy windfall, which they would distribute to the investors, according to the criminal fraud complaint. Of the approximately $65 million raised from investors for those purposes, only $4.7 million was used to make life insurance premium payments, and no bonds were purchased for investors’ benefit, the complaint states. Source: http://www.dailynews.com/news/ci_13692690 17. November 2, Marketwatch – (National) Treasury expects to borrow $276 bln this quarter. The U.S. government is expected to borrow $276 billion in the final three months of the year, the Treasury Department said on November 2. The borrowing estimate is $209 billion less than estimated in August. The drop in borrowing is due to the Treasury reducing its investment in a special Federal Reserve facility that supported the central bank’s innovative credit-easing policy, the agency said. For the JanuaryMarch quarter, Treasury said it expects to borrow $478 billion. In the three months ending September, the government borrowed $393 billion. The Treasury will announce on November 4 the sizes and terms of its quarterly refunding auction. Source: http://www.marketwatch.com/story/treasury-expects-to-borrow-276-bln-thisquarter-2009-11-02-154230 For more stories, see items 22 and 33 [Return to top] Transportation Sector 18. November 3, Contra Costa Times – (California) Bay Bridge shutdown might not be the last. Just hours after reopening the Bay Bridge, Caltrans officials said Monday they are confident traffic can cross safely, but added the span may be closed in about six months for more permanent repairs. The bridge reopened to vehicles Monday morning after repairs performed the last six days passed a series of rigorous tests, a California Department of Transportation spokesman said. The bridge closed unexpectedly last Tuesday night, the second closure in two months, after a 5,000-pound steel cross bar and two tie roads fell onto the span’s upper deck. In previous Labor Day repairs, new rods and crossbars had been installed to take pressure off a cracked eyebar. Vehicles began streaming over the bridge about 9 a.m. Monday but earlier Bay Area commuters still had to scramble to find alternative ways to work, packing onto buses, ferries and freeways. In recent repairs, additional restraining devices were installed to prevent rods from making metal-on-metal contact, a factor in Tuesday’s collapse, the Caltrans chief engineer said. He added that the most recent repairs are a “customized solution” which will require near constant monitoring and attention. “For this reason and, even though it’s completely safe, Caltrans is reviewing to see if there is another solution to -9- make it safer and stronger,” a spokesman said. Any additional bridge closures could be planned in advance to cause minimal disruption to commuters and other drivers. Source: http://www.contracostatimes.com/news/ci_13701413?nclick_check=1 19. November 2, Associated Press – (Hawaii) Hawaii airport getting new control tower. The Federal Aviation Administration (FAA) has broken ground for a new $39 million air traffic control tower at Keahole-Kona International Airport on the Big Island. The current 51-foot tower was built in 1970 to control a 6,500-foot runway. In 1993, the runway was extended to 11,000 feet, making it difficult for controllers to see the north end. The FAA says the new 100-foot tower will provide controllers with better views of the airfield. The new tower will be located on seven acres of land north of the airport’s passenger terminal, about a mile from the current tower. Construction is to begin in December. The new tower is expected to be put into use in May 2012. Source: http://www.usatoday.com/travel/flights/2009-11-02-hawaii-airporttower_N.htm 20. November 2, Arizona Republic – (Arizona) Delta plane makes emergency landing in Phoenix. A Delta Air Lines plane carrying 127 passengers was forced to make an emergency landing Monday morning in Phoenix after hitting several birds. Bound for Salt Lake City, Flight 1232 was taking off from Phoenix Sky Harbor International Airport when it hit the birds, said a spokesperson of the Federal Aviation Administration (FAA). “It caused some damage to the windshield,” he said. “The damage caused a problem with the pressurization in the cabin and the pilot declared an emergency landing.” Around 9 a.m., the pilot circled the plane back to the airport and landed. The plane, carrying 127 passengers and five crew members, had “a very uneventful landing,” the FAA spokesman said. A spokesperson for Delta Air Lines, said the pilot landed the plane as a precautionary action. Delta placed passengers on other flights, he added. Source: http://www.azcentral.com/community/phoenix/articles/2009/11/02/20091102abrkemergencylanding.html 21. November 2, Honolulu Star-Bulletin – (Hawaii) Small plane on runway forced Hawaiian Air to abort landing, FAA says. The Federal Aviation Administration (FAA) plans to interview the pilot of a single-engine plane that encroached onto a Honolulu Airport runway as a Hawaiian Airlines jet was about to land. An FAA spokesman says an air traffic controller on Thursday instructed the Hawaiian pilot to abort the landing because of the Cessna 172 was “sticking its nose out on the runway.” Fergus says there was no immediate danger of a collision involving Hawaiian Flight 383 from Hilo. He says the flying record of the Cessna pilot will also be reviewed before any potential penalty is imposed, such as license revocation. Source: http://www.starbulletin.com/news/breaking/68810897.html For more stories, see items 40 and 45 [Return to top] - 10 - Postal and Shipping Sector 22. November 2, Associated Press – (International) Suspicious substance found at World Bank in DC. Authorities say they are investigating a suspicious package at the World Bank headquarters in Washington. A D.C. fire department spokesman says an unidentified substance was found in a letter or package in a mail room about noon Monday. The building, on H Street in northwest Washington, was partially evacuated. The fire department spokesman says there are no reports of illnesses. He says crews are at the scene looking to identify the substance. Source: http://www.google.com/hostednews/ap/article/ALeqM5hM5JnPbiYKRKyiBtohQseK5 3_tlgD9BNHJM80 [Return to top] Agriculture and Food Sector 23. November 3, Consumer Reports magazine – (International) BPA in canned food: Consumer Reports tests. The chemical Bisphenol A (BPA), which has been used for years in clear plastic bottles and food-can liners, has been restricted in Canada and some U.S. states and municipalities because of potential health effects. The Food and Drug Administration will soon decide what it considers a safe level of exposure to BPA, which some studies have linked to reproductive abnormalities and a heightened risk of breast and prostate cancers, diabetes, and heart disease. Consumer Reports’ latest tests of canned foods, including soups, juice, tuna, and green beans, have found that almost all of the 19 name-brand foods tested contain some BPA. The canned organic foods Consumer Reports’ tested did not always have lower BPA levels than nonorganic brands of similar foods analyzed. Consumer Reports even found the chemical in some products in cans that were labeled “BPA-free.” The debate revolves around just what is a safe level of the chemical to ingest and whether it should be in contact with food. Federal guidelines currently put the daily upper limit of safe exposure at 50 micrograms of BPA per kilogram of body weight. But that level is based on experiments done in the 1980s rather than hundreds of more recent animal and laboratory studies indicating serious health risks could result from much lower doses of BPA. Source: http://www.consumerreports.org/cro/magazine-archive/december2009/food/bpa/overview/bisphenol-a-ov.htm 24. November 2, Reuters – (National) Two U.S. deaths may be linked to bad beef. An outbreak of food-borne illness, linked to dangerous bacteria in ground beef, sickened 28 people and may have caused two deaths in the U.S. Northeast, health officials said on Monday. The U.S. Centers for Disease Control and Prevention (CDC) said all but three of the illnesses were in the Northeast and 18 were in the six New England states. A common strain of E. coli bacteria was involved so tests were under way to see if all of the reported cases have the same cause. State officials said a death in New Hampshire was linked to the ground beef that is being recalled by Fairbank Farms of - 11 - Ashville, New York. The New York State Health Department said a death in the Albany area from E. coli O157:H7 bacteria was being investigated to see if it is linked. Fairbank Farms announced the recall on Saturday of 545,699 lbs (248,450 kg) of fresh ground beef products. The Agriculture Department, which oversees meat safety, said an investigation led it to conclude “there is an association between the fresh ground beef products and illnesses in Connecticut, Maine and Massachusetts.” USDA worked with state and federal officials in examining a cluster of E. coli O157:H7 illnesses. Source: http://www.reuters.com/article/companyNewsAndPR/idUSN0243887820091103 [Return to top] Water Sector 25. November 3, Kingsport Times-News – (Tennessee) Eastman spills 2,150 gallons of acetic acid into Holston River, kills fish. An accidental spill at Eastman Chemical Co. last week apparently killed an undetermined number of fish in Kingsport, Tennessee. An Eastman Chemical spokeswoman said the spill occurred a week ago, when 2,150 gallons of acetic acid were accidentally released from the plant into a discharge channel leading to the Holston River. She said there was no danger to human health since the material diluted quickly. However, some fish near the plant were affected. The spokeswoman said Eastman reported the incident to the U.S. Coast Guard National Response Center, Tennessee Department of Environment & Conservation, Tennessee Emergency Management Agency and the local emergency planning committee. She said Eastman also notified users of the river water downstream from the plant. The company is investigating the cause of the spill. Source: http://www.timesnews.net/article.php?id=9018101 26. November 2, Minneapolis Star Tribune – (Minnesota) Protected aquifer feared at risk. Pooling underneath the Twin Cities (Minneapolis, St. Paul) area is drinking water so old and pristine that it is protected by state law. It cannot be used for industrial purposes in the seven-county metro area. But the rules that protect the 900-foot-deep Mount Simon-Hinckley aquifer in the metro do not apply to Chisago County, where LS Power wants to build a $300 million to $500 million power plant. The New Jerseybased company’s proposal to use groundwater from the aquifer has intensified opposition to the plant and has raised interest in changing the law to put the water offlimits. “It is certainly a last-resort aquifer,” said the manager of water supply planning for the Metropolitan Council. “It is used by some municipalities when there’s no readily available other source, and only for potable use.” He said age-dated samples show that the water ranges from 1,000 to 35,000 years old. Depending on where it is withdrawn, it can take hundreds of years to recharge. Since the 1989 law forbidding its use for industrial purposes in the metro area, that region has expanded: the U.S. Census Bureau now defines the metropolitan statistical area as 13 counties, including Chisago and several others not part of the original seven-county list. LS Power knew of Mount Simon’s importance, said the lead project developer for the company. But he said it proposed last summer to use the deeper water anyway, for fear of competing with any - 12 - city and private wells that draw water from shallower aquifers. The proposal called for the plant to use water from one or two nearby sewage treatment plants and, if necessary, to supplement that with as much as 2 million gallons of groundwater per day, including some from Mount Simon. However, the company recently abruptly changed direction; he said it will not use any groundwater. “We’re going to make do with the water that we have” from the North Branch and Chisago Lakes joint sewage treatment plants, he said. Source: http://www.startribune.com/local/68393912.html?elr=KArksLckD8EQDUoaEyqyP4O: DW3ckUiD3aPc:_Yyc:aUUZ 27. November 2, Los Angeles Times – (California) L.A. water main rupture sends threestory geyser shooting into the air. A water main rupture unleashed a geyser three stories high at the corner of Van Nuys Boulevard and Sherman Way in Los Angeles on November 3. Fire officials and Department of Water and Power (DWP) officials were on scene assessing the situation and trying to determine how to shut down the leak. By noon, crews had contained the break, according to TV footage, and the nearly 20-foot geyser had been reduced to a steady flow of water rising through a hole in the street. A Los Angeles Fire Department spokesman said no injuries or evacuations were reported, though there was street flooding. TV footage showed water shooting out of the street well above a nearby one-story building. It is unclear whether the building suffered water damage. The fire department responded to the call of flooding at 10:35 in the morning. This is the latest in a string of major water-main leaks in the Los Angeles area. Officials have attributed the leaks to the city’s aging water system, but the cause of this rupture remains unclear. A DWP spokeswoman said the agency was investigating. The part of the main that burst was a 54-inch iron pipe known as a “purple pipe” used to convey recycled water for irrigation and industrial purposes. The water is not hazardous to humans. The break was not expected to interrupt regular water service to DWP customers. Source: http://latimesblogs.latimes.com/lanow/2009/11/la-water-main-rupture-sendmassive-geyser-of-water-shooting-into-the-sky.html 28. November 1, Los Angeles Times – (New Mexico) Toxic waste trickles toward New Mexico’s water sources. Lethal waste is seeping from mountain burial sites and moving toward aquifers, springs and streams that provide water to 250,000 residents of northern New Mexico. Isolated on a high plateau, the Los Alamos National Laboratory seemed an ideal place to store a bomb factory’s deadly debris. But the heavily fractured mountains have not contained the waste, some of which has trickled down hundreds of feet to the edge of the Rio Grande, one of the most important water sources in the Southwest. So far, the level of contamination in the Rio Grande has not been high enough to raise health concerns. But the monitoring of runoff in canyons that drain into the river has found unsafe concentrations of organic compounds such as perchlorate, an ingredient in rocket propellent, and various radioactive byproducts of nuclear fission. Laboratory officials insist that the waste does not jeopardize people’s health because even when storm water rushing down a canyon stirs up highly contaminated sediment, it is soon diluted or trapped in canyon bottoms, where it can be excavated and hauled - 13 - away. Much surface contamination, however, becomes embedded in sediment or moves down into groundwater. That subterranean migration poses the greatest long-term danger to drinking-water wells and ultimately the Rio Grande. Adding to the uncertainty, a draft report released last summer by the Centers for Disease Control and Prevention said that the lab may have substantially underreported the extent of plutonium and tritium released into the environment since the 1940s. More recently, the state Environment Department reported finding DEHP, an organic compound used in plastics and explosives, at 12 times the safe exposure level in an aquifer that supplies drinking water to Los Alamos and the nearby community of White Rock. The U.S. Environmental Protection Agency classifies DEHP as a probable human carcinogen also capable of harming reproductive systems. Source: http://www.latimes.com/news/nationworld/nation/la-na-radiation-newmexico12009nov01,0,6423820.story [Return to top] Public Health and Healthcare Sector 29. November 3, Associated Press – (Texas) Ike-damaged Shriners Hospital to reopen Wednesday. Shriners Hospital for Children is set to reopen Wednesday nearly 14 months after Hurricane Ike pounded Galveston. A spokesman from Texas City says services will resume in phases. He told the Galveston County Daily News that the hospital should be fully operational by late December. The 30-bed hospital, which flooded when Ike came ashore on Sept. 13, 2008, is known for specializing in burn patients. Budget cuts have forced Shriners to consider accepting third-party payment for treating children, who will continue to be helped whether they can pay or not. Source: http://www.star-telegram.com/448/story/1731534.html 30. November 3, WKYC 3 Cleveland – (Ohio) Madison chemical spill causes evacuations. A chemical spill at a Northeast Ohio assisted living facility caused the evacuation of its staff and residents. Forty-one elderly residents and seven staff members were evacuated after a noxious smell spread through the building around the lunch hour Monday at “the Lantern of Madison,” located 45 minutes east of Cleveland. Several police, firefighters, and even a Hazmat team responded. After six hours it was determined that the smell was actually a strong cleaning agent that had leaked into an elevator shaft. “Lantern” residents were placed in three other area facilities. They will return to their home in the morning once Hazmat gives the facility the all clear. Source: http://www.wkyc.com/news/local/news_article.aspx?storyid=124617&catid=3 31. November 2, San Diego News Network – (California) Single-payer health care advocates arrested in protest. Three single-payer health care supporters were arrested Monday after protesting outside the Mission Valley office of Blue Shield of California. The protest was a part of a nationwide campaign to dispute health care companies, who demonstrators claim have been raising premiums throughout the recession and have lobbied against the single-payer system. The San Diego protest is part of the “Mobilization for Health for All” campaign that started in September. It was created by - 14 - Center for the Working Poor, Healthcare - NOW! and Prosperity Agenda, and supported by the Single Payer Action Coalition and members of Progressive Democrats of America. The local protest began over the weekend with more than 150 San Diegans gathering outside the Blue Shield of California office for 45 hours - one hour for every 1,000 people who have died each year due to the lack of health care - said a campaign spokesperson. About 30 demonstrators remained by Monday morning. Source: http://www.sdnn.com/sandiego/2009-11-02/politics-city-countygovernment/single-payer-health-care-advocates-arrested-in-protest [Return to top] Government Facilities Sector 32. November 3, Associated Press – (North Dakota) Minot bomb wing CO relieved of duty. The military says the commander of the 5th Bomb Wing at Minot Air Force Base (AFB) has been relieved of his command. The Air Force told The Associated Press that it lost confidence in the officer’s ability to command the base. The commander’s ouster comes a little more than two weeks after the base’s missile wing commander was relieved of his duties following a series of mishaps, including two crashes of vehicles carrying missile parts, in a little more than a year. The military says the officer was unable to “foster a culture of excellence,” and showed a “lack of focus on the strategic mission during his command.” The Air Force says he was not relieved for any alleged misconduct or wrongdoing. The commander had been the base commander since October 2007. The new commander of the 5th Bomb Wing is the former vice commander of Andersen AFB, Guam, the Air Force announced. Source: http://www.military.com/news/article/air-force-news/minot-bomb-wing-corelieved-of-duty.html?ESRC=topstories.RSS 33. November 2, WNEM 5 Saginaw – (Michigan) State officials warn of benefit debit card scam. Michigan’s Unemployment Insurance Agency (UIA) is warning those with state unemployment insurance debit cards that scammers are using cell phone text messages in an attempt to steal their unemployment benefits. According to a news release, UIA received two calls from individuals receiving unemployment benefits stating they had received text messages telling them to verify their UI debit card personal identification number by contacting the text sender. Officals at UIA said it is not their policy to contact anyone by text or by e-mail about their unemployment claim or PIN. The fake text messages advised individuals they need to reset their UI debit card PIN. One person was told to send a return text with his PIN included, while the other was instructed to call the phone number listed in the text message. When a victim calls the telephone number, a recorded voice asks the caller for the UI debit card number and PIN. With that information, the scammer can access and remove funds from the card account. JPMorgan Chase administers the MI UI Debit Card program for the state of Michigan. UIA said similar scam attempts are starting to surface in New York, Rhode Island and Missouri. Source: http://www.wnem.com/news/21495838/detail.html - 15 - 34. November 2, Orange County Register – (California) Firefighters battle blaze in lab at Cal State Fullerton. A fire broke out late Sunday night in a science building at Cal State Fullerton, a fire official said. The non-injury fire broke out at 11:47 p.m. in a research lab inside Dan Black Hall, at 800 N. State College Blvd., said a Fullerton fire department division chief said an automatic fire alarm system indicated that there was a fire in the building and firefighters quickly learned that there were a lot of chemicals in the building – possibly radioactive materials. A hazmat team was called to the scene, but determined that the lab where the fire started did not have hazardous materials, the chief said. The fire was put out in 35 minutes with the help of about 50 firefighters, he said. The fire official said a burner device started the fire, but it was unclear what caused it to catch on fire. The damage to the first-level lab is estimated at $10,000, the fire official said. The cause of the fire is under investigation. Source: http://www.ocregister.com/articles/fire-dominguez-lab-2632777-fullertonbuilding [Return to top] Emergency Services Sector 35. November 3, Roanoke Times – (Virginia) Taxi crashes into fire station. A taxi driver smashed his cab against the wall of a downtown Roanoke, Virginia, fire station Monday night as his passenger reportedly tried to rob him. Firefighters from the station removed the men from the vehicle and took them to a hospital. Their conditions were unknown. “The driver says he intentionally drove into Fire Station 1 with the suspect in the vehicle,” said a Roanoke Police Department spokeswoman. The driver hit a double door and part of a wall at the fire station at Elm Avenue and Franklin Road Southwest about 8:10 p.m., authorities said. No one in the station was injured. Source: http://www.roanoke.com/news/roanoke/wb/224898 36. November 2, KTXL 40 Sacramento – (California) Firehouse brownout delays firefighters. Sacramento City firefighters say it took longer to extinguish a house fire because the closest station was partially closed due to budget constraints. A fire last night in the tony Curtis Park neighborhood caused extensive damage to a two story home. A fire truck from station six in Oak Park a mile away was the first unit on the scene. Fire trucks are designed to help firefighters get into buildings and rescue people . But a fire engine at the station was not manned. The brownouts save the city 1.6 million dollars annually, but firefighters say this is not the first time that they have caused a delay in responding to fires. The so-called ‘brownouts’ have been in effect for over a year. Fire administrators chose to use brownouts instead of closing some of the city’s 23 firehouses. Source: http://www.fox40.com/news/headlines/ktxl-tv-brownoutfire,0,5491589.story 37. November 2, WHEC 10 Rochester – (New York) Rural Metro ambulance stolen. A Rural Metro ambulance was stolen Saturday from outside Strong Hospital in Rochester, New York. It was found about two hours later on Saint Paul Street. Officials at Rural Metro say there was no damage to the ambulance and nothing was taken from inside. - 16 - Officials say they do plan to install GPS systems inside the ambulances so they can track them on the road. Source: http://www.whec.com/news/stories/S1227022.shtml?cat=565 [Return to top] Information Technology Sector 38. November 3, Network World – (International) Hackers exploit Google Wave’s popularity. Hackers are exploiting web users that were too late in signing up for Google Wave, says Symantec. According to the security firm, web users worldwide are being encouraged to download an application that claims to offer access to Google Wave - a new invite-only online tool for real-time communication and collaboration. However, the application is in fact malware, which allows hackers to potentially steal senstive personal data from your PC. A security analyst for Symantec said: “Cybercriminals have used Google Wave for the bait precisely because of current its popularity. Furthermore, using a trusted brand like this increases the chance of success for the attacker. Unfortunately, this technique is something fraudsters use all the time and internet users should be wary - if something appears too good to be true, then it usually is.” The security firm urged web users to be careful when clicking on links, only download software was from a reputable source and ensure your security software is up-to-date. Source: http://www.networkworld.com/news/2009/110309-hackers-exploit-googlewaves.html?hpg1=bn 39. November 2, CNET – (International) New Trojan encrypts files but leaves no ransom note. Symantec is warning about a new Trojan horse that encrypts files on compromised computers but offers no ransom note like other software designed to hold data hostage for a fee. Instead, a Web search for terms related to the Trojan horse leads to a company offering a way to remove the malware. The company offering the product used to charge for it but now offers it for free. Trojan.Ramvicrype uses the RC4 algorithm to encrypt files on systems running Windows 98, 95, XP, Windows Me, Vista, NT, Windows Server 2003 and Windows 2000, according to Symantec’s Web site. Computers with files that have the .vicrypt extension are infected, a Symantec researcher wrote in a blog post recently. A Web search for “vicrypt help” brings up a news release for a company called Exquisys Software Technology Ltd in Mauritius offering a product called Antivicrypt that will “repair and restore” files that are “damaged.” Symantec reports that the company charges for the product. Exquisys could not be reached for comment on November 2, which happens to be a national holiday in that country. Meanwhile, Symantec is offering a free tool to decrypt the encrypted files. However, there is a chance that an affected computer will not have access to the Internet to search for any tools, free or otherwise. If a file in the Windows system folder has recently been opened, all the files in the system folder will be encrypted and the user may be unable to access the Internet, Symantec said. When the Trojan is executed it searches for files in MyDocuments, Desktop and Application Data\Identities and renames them with a .vicrypt extension. Then it looks for links in - 17 - the Recent folder and renames all the files in the folders that are pointed to by links there and encrypts the head section of each file. Source: http://news.cnet.com/8301-27080_3-10388541-245.html 40. November 2, SC Magazine – (International) German rail firm handed ‘record’ fine for data breaches. Deutsche Bahn has been fined more than 1 million euros to cover a number of serious breaches of data protection legislation dating back over the past ten years. The Berlin Data Protection Commissioner revealed that Deutsche Bahn were to be fined exactly 1,123,503.50, million euros which according to the Berlin Data Protection agency, is the ‘highest penalty that a German Data Protection Inspectorate has established’. The activity for which Deutsche Bahn is being fined relates to the mass screening of employee data including names, addresses, telephone numbers and bank details against those of suppliers. This screening was carried out on at least three separate occasions in 1998, 2002/3 and 2005/6, supposedly to detect fraudulent activity and employee fronted Scheinfirmen or shell companies. It has been claimed that Deutsche Bahn also enlisted the services of a detective agency to assist in this screening activity. The Information Commissioner’s press release states that personal and banking information was illegally retained for ‘years’ even after suspicions had been allayed. The head of Deutsche Bahn, Hartmut Mehdorn, was forced to resign after it became apparent that 173,000 of Deutsche Bahn’s 220,000 employees had been screened this way. Deutsche Bahn has since set up a new department for data protection. A senior security adviser at Trend Micro claimed that Deutsche Bahn’s heavy-handed tactics and the size of the resultant fine amply illustrate the need for enterprises to involve employees, works councils and unions from the outset, both when defining data protection policies and also when conducting sensitive investigations. Source: http://www.scmagazineuk.com/German-rail-firm-handed-record-fine-for-databreaches/article/156857/ 41. November 2, ComputerWorld – (International) Microsoft links malware rates to pirated Windows. Microsoft on November 2 said computers in countries with high rates of software piracy are more likely to be infected by malicious code because users are leery of applying security patches. “There is a direct correlation between piracy and the malware infection rate,” said the principal group program manager for the Microsoft Malware Protection Center. He was touting the newest edition of his company’s biannual security intelligence report. According to the manager the link between PC infection rates — the percentage of computers that have been cleaned by the updated monthly Malicious Software Removal Tool, or MSRT — and piracy is due to the hesitancy of users in countries where counterfeit copies abound to use Windows Update, the service that pushes patches to PCs. China’s piracy rate is more than four times that of the U.S., according to Microsoft’s report, published on November 2, but the use of Windows Update in China is significantly below that in the U.S. Brazil and France also have a higher piracy rate, and lower Windows Update usage, than the U.S., Microsoft maintained. But the company’s own data does not always support the manager’s contention that piracy, and the hesitancy to use Windows Update, leads to more infected PCs. China, for example, boasted a malware infection rate — as defined - 18 - by the number of computers cleaned for each 1,000 executions of the MSRT — of just 6.7, significantly lower than the global average of 8.7 or the U.S.’s rate of 8.2 per thousand. France’s infection rate of 7.9 in the first half of 2009 was also under the worldwide average. Of the three countries Microsoft called out as examples of nations whose users are reluctant to run Windows Update because of high piracy rates, only Brazil fit the manager’s argument: Brazil’s infection rate was 25.4, nearly three times the global average. By Microsoft’s tally, Serbia and Montenegro had the highest infection rate in the world, with 97.2 PCs out of every 1,000, nearly 10%, plagued by malware. Turkey was No. 2, with 32.3, while Brazil, Spain and South Korea were third through fifth, with infection rates of 25.4, 21.6 and 21.3, respectively. Source: http://www.computerworld.com/s/article/9140227/Microsoft_links_malware_rates_to_ pirated_Windows 42. November 2, DarkReading – (International) New Trojan kills the Zeus Trojan. First there were hijacked search results, now there are hijacked links: a newly discovered Trojan redirects victims to search engine sites in order to cash in on the clicks. The socalled Opachki Trojan doesn’t do the usual search-result hijacking typically deployed by the bad guys to make money, but instead attempts to hijack all links on a page the infected user is viewing. When the user clicks on a link, the Trojan redirects him to an affiliate-based search engine site that lists multiple links. “This is the first one I’ve seen that tries to replace with arbitrary links rather than hijacking search results,” says a researcher with SecureWorks’ Counter Threat Unit. “This one goes to the page and takes all the links and makes them look like searches so the [victim] sees a search result rather than the page they thought they were going to.” Opachki basically provides the bad guys another way to make money from affiliate search engines that pay people to drive traffic to them, he says. Each time the victim clicks on one of the links at the redirected search engine site, the Opachki author gets paid a small sum of money, he says. “So to make it look somewhat legit, they have real people clicking on things so that it makes it look like that person is searching.” And interestingly, the Trojan does one good deed: if the victim’s machine is also infected by the nasty Zeus banking malware, it kills it. “Why is it deleting Zeus? [Opachki] is hooking into the browser similarly to what Zeus does. Maybe there’s some sort of conflict where they both don’t work on the same machine,” the researcher says. “I’m not sure what they’re thinking” by knocking out Zeus, he says. Opachki infections come via drive-by browser exploits, and the Trojan can do its dirty work even if the user doesn’t have administrative privileges on the machine, according to Stewart’s report on the Trojan. Source: http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=2214 00320&subSection=Vulnerabilities+and+threats - 19 - Internet Alert Dashboard To report cyber infrastructure incidents or to request information, please contact US-CERT at sos@us-cert.gov or visit their Website: http://www.us-cert.gov. Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and Analysis Center) Website: https://www.it-isac.org/. [Return to top] Communications Sector 43. November 3, The Register – (International) Hacker charged in $1m cable ISP customer cloning scheme. Federal prosecutors have charged a California man with earning $1m over a six-year period by illegally selling products that allowed customers to get high-speed internet service for free. A 26 year-old San Diego man sold software and hardware that were designed to fool Charter Communications and other internet service providers into believing the gear belonged to paying customers, the prosecutors allege. The man and his employees also offered technical support in publicly available chat forums at tcniso.net, the website belonging to their modem-hacking business. The hack worked by spoofing the media access control address that acts as an electronic serial number for each modem. By replacing the unique address with one known to belong to a paying subscriber, the man’s customers were able to obtain internet service for free. Over time, his company offered additional services. One allowed users to increase their bandwidth while another made it possible to detect the MAC addresses of legitimate paying ISP subscribers. From 2003 to earlier this year, TCNISO, as the man’s company was called, generated revenue of more than $1m, according to documents filed in U.S. District Court in Boston. In addition to allowing customers to obtain internet service without paying for it, TCNISO allowed users to surf anonymously. Among those taking advantage of that benefit was a juvenile hacker who went by the moniker Dshocker. Last year, he admitted to carrying out crippling denialof-service attacks on online rivals and placing hoax emergency phone calls that prompted them to receive visits by heavily armed police teams. The Massachusetts youth was sentenced to 11 months detention. Source: http://www.theregister.co.uk/2009/11/03/cable_modem_hacking_indictment/ 44. November 3, Data Center Knowledge – (Texas) Power Outage Affects Rackspace Cloud. Rackspace reports that parts of its Dallas data center lost power early today during testing of power distribution units (PDUs) during scheduled maintenance. This resulted in downtime for sites hosted on SliceHost and The Rackspace Cloud, including the leading tech blog TechCrunch, which ensured that the outage was widely noted on blogs and Twitter. The Dallas data center has experienced power problems before, including outages on June 29 and July 7 that prompted the Rackspace CEO to issue an apology to customers and provide a detailed explanation of the outage and the operations of the Dallas/Fort Worth facility. This morning’s problems started at about 12:30 a.m. central time. “We were testing phase rotation on a Power Distribution Unit (PDU) when a short occurred and caused us to lose the PDUs behind this Cluster,” - 20 - Rackspace reported on its blog. “All power has been restored and devices are being brought back online. The PDUs were down for a total of about 5 minutes. We have aborted the maintenance for the remainder of the evening and will reschedule this for another date.” Althought the PDUs were offline for only 5 minutes, many customer sites were unavailable for a longer window. Most sites returned to service by 2 a.m., while several cloud servers continuing to experience problems until after 5 a.m., according to a timeline on the Cloud Servers status blog. The Rackspace DFW data center in Grapevine, Texas is the company’s largest facility, with 144,000 square feet of space. The facilty in Grapevine figured into a 2007 power outage that interrupted service for many prominent web sites. In that incident, a vehicle struck a power transformer, and public safety officials turned off both the facility’s power feeds during their emergency rescue operations. Source: http://www.datacenterknowledge.com/archives/2009/11/03/power-outageaffects-rackspace-cloud/ [Return to top] Commercial Facilities Sector Nothing to report [Return to top] National Monuments and Icons Sector Nothing to report [Return to top] Dams Sector 45. November 2, Monroe News-Star – (Louisiana) Ouachita rises above 45 feet. The Ouachita River in Louisiana will rise this month to its highest level since the devastating 1991 flood, triggering more safety protection measures by the Tensas Basin Levee District. The executive director of the district said the Ouachita’s predicted crest is 47 feet in Monroe on November 16. It reached 50.5 feet in 1991. “Our system can certainly handle 47 feet, but that level will require us to take more protective action,” he said Sunday. The river stage reached 45.2 feet on Sunday. Flood stage is 40 feet. District personnel, with the help of the Army Corps of Engineers, are conducting 24hour levee patrols now. “At 46 feet we begin to see some seepage and sand boils, so we’re patrolling the levees as much as possible,” he said. He said the district will likely begin erecting the folding flood wall in downtown Monroe on Monday and finish the job on Tuesday. He also said that he will likely ask the U.S. Coast Guard to close the river to commercial barge traffic. “We’ll make a final decision on that [Monday],” he said. Source: http://www.thenewsstar.com/article/20091102/NEWS01/911020316 - 21 - 46. November 2, KBMT 12 Beaumont-Port Arthur – (Texas) Flood waters threaten Deweyville. The residents of Deweyville, Texas, are getting ready for what could be the town’s worst flood in 20 years. Heavy rain has overfilled the Toledo Bend Reservoir. Now the Sabine River Authority are opening the flood gates. There are 11 gates opened 6’-wide, which is about 75,000 cubic feet per second. That is almost 50billion gallons in a 24-hour period. The Sabine River is already above the flood stage at 24.5’. Some residents have been through similar floods before. They say it is just a part of living on the bank of a river. City officials, however, are warning residents not to get too comfortable. As the water continues to rise, Newton County is offering free sandbags. Residents are being advised to stock up on canned goods and bottled water. They are encouraged move any belongings they want to protect up to higher ground. By Friday afternoon, the waters are expected to crest at 28’. At 29’, the town would be completely isolated, meaning boats would be the only form of transportation left. Deweyville schools will be open Tuesday. Source: http://www.kbmt12.com/news/local/68683087.html [Return to top] - 22 - DHS Daily Open Source Infrastructure Report Contact Information About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Website: http://www.dhs.gov/iaipdailyreport Contact Information Content and Suggestions: Send mail to NICCReports@dhs.gov or contact the DHS Daily Report Team at (202) 312-3421 Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes. Removal from Distribution List: Send mail to support@govdelivery.com. Contact DHS To report physical infrastructure incidents or to request information, please contact the National Infrastructure Coordinating Center at nicc@dhs.gov or (202) 282-9201. To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit their Web page at www.us-cert.gov. Department of Homeland Security Disclaimer The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material. - 23 -
