Homeland
Security
Current Nationwide
Threat Level
ELEVATED
Daily Open Source Infrastructure
Report for 27 September 2010
Significant Risk of Terrorist Attacks
For information, click here:
http://www.dhs.gov
Top Stories

CNN reports federal authorities charged a Connecticut man with sending more than 50
anthrax hoax and bomb threat letters to recipients including government officials and
buildings. (See item 26)

According to the Associated Press, Minnesota and Wisconsin’s governors declared
emergencies for large segments of their states September 24 due to flooding caused by
heavy rain. The Wisconsin National Guard distributed thousands of sandbags to
municipalities; and in Oronoco, Minnesota more than a dozen homes near a dam were
evacuated. (See items 64 and 66)
Fast Jump Menu
PRODUCTION INDUSTRIES
• Energy
• Chemical
• Nuclear Reactors, Materials and Waste
• Critical Manufacturing
• Defense Industrial Base
• Dams
SUSTENANCE and HEALTH
• Agriculture and Food
• Water
• Public Health and Healthcare
SERVICE INDUSTRIES
• Banking and Finance
• Transportation
• Postal and Shipping
• Information Technology
• Communications
• Commercial Facilities
FEDERAL and STATE
• Government Facilities
• Emergency Services
• National Monuments and Icons
Energy Sector
Current Electricity Sector Threat Alert Levels: Physical: ELEVATED,
Cyber: ELEVATED
Scale: LOW, GUARDED, ELEVATED, HIGH, SEVERE [Source: ISAC for the Electricity Sector (ES-ISAC) [http://www.esisac.com]
1. September 24, Waterville Morning Sentinel – (Maine) Man stole copper grounding
wires from poles, police say. A Waterville, Maine man was arrested late September 21
after a caller from Bartlett Street reported seeing someone stealing copper wire off
utility poles in Waterville. The man, 32, was later found with 26 lengths of copper wire
-1-
in the back of his pickup truck, according to the deputy police chief. The suspect was
charged with aggravated criminal mischief and aggravated theft in the case, the deputy
police chief said September 22. Police September 22 contacted Central Maine Power
Co. (CMP) and spoke with a line supervisor who went around and surveyed poles in
the area. The deputy policd said the supervisor reported at least 50 poles had been
stripped of copper wire, so CMP is in the process of surveying a larger area to see if
more wire is missing.
Source: http://www.onlinesentinel.com/news/police-man-stole-copper-groundingwires-from-poles_2010-09-22.html
2. September 23, Associated Press – (West Virginia) West Virginia gas well burns for
5th straight day. A natural-gas well fire is still burning in West Virginia’s Northern
Panhandle. A well in a remote area near Cameron in Marshall County has been on fire
since September 19. Chesapeake Appalachia LLC said September 23 that well-control
specialists have removed all equipment from the area near the well head, including the
base and substructure of a nearby rig. A Chesapeake spokeswoman said crews will
excavate around the well head, then determine how to cut off the gas flow and put out
the fire. Water from nearby impoundments is being used to contain the fire while the
crews work.
Source: http://www.dailymail.com/News/statenews/201009230646
3. September 23, KENS 5 San Antonio – (Texas) FBI: Houston energy companies
targeted by hackers. Houston, Texas energy companies have been targeted by hackers
who are attempting to take down the U.S. economy, the FBI said. The FBI, security
leader for Dupont and a former CIA security expert who worked directly under other
security investigators recently spoke candidly with Houston’s energy leaders about the
problem. The FBI agent said America is literally at war fighting off economic attacks
that come by the thousands daily via the Internet. Most of the time the FBI said energy
companies in Houston don’t even know they’ve been compromised. “It is a little scary
because the victim organizations span everything from small law firms up to huge
multi-national corporations, and it’s not just a government problem anymore,” said a
man, who works for Mandiant, a computer forensics firm that is often hired by the U.S.
to seek out and eliminate economic espionage. At a recent symposium, investigators
told energy leaders that most of the hackers are believed to be coming from inside
Russia and China. And while most of the attacks come during business hours on the
other side of the globe, some are coming from within on the inside.
Source: http://www.kens5.com/news/FBI-Houston-energy-companies-targeted-byhackers-103614224.html
4. September 23, Associated Press – (Texas) Safety review at BP plant after steam
accident. Personnel at a Houston, Texas -area BP refinery spent a day reviewing safety
measure after a steam release injured two pipefitters this week. The review held
September 22 was part of a program implemented following a 2005 explosion that
killed 15 workers and injured 170 more at the same refinery in Texas City. No units
were shut down during the “safety standdown” that followed the September 21 steam
-2-
accident, a BP spokesman told The Galvelston County Daily News.
Source: http://www.chron.com/disp/story.mpl/ap/business/7214364.html
5. September 23, Associated Press – (Utah) Broken gas line forces 1,000 to evacuate in
Utah. Provo, Utah officials said a broken natural gas pipe has forced the evacuation of
about 250 homes and several businesses on State Street near 1860 South. Questar Gas
officials said a construction crew hit a 16-inch gas pipe while working in the area at
about 3 p.m. September 23. City officials estimate about 1,000 residents have been
evacuated, including those at a state residential detention facility for youth. Questar
said the leak requires a complicated fix that could take several hours. It’s not clear how
long residents could be kept out of their homes. The city said residents can go to Spring
Creek Elementary School to wait. The Red Cross will set up an overnight emergency
shelter there if necessary.
Source: http://www.foxnews.com/us/2010/09/23/broken-gas-line-forces-evacuate-utah/
6. September 22, Connecticut Department of Environmental Protection – (Connecticut)
Connecticut begins assessment and cleanup of leaking underground storage tank
sites. The Connecticut Department of Environmental Protection (DEP) September 22
announced it has begun assessment and cleanup operations at seven leaking
underground storage sites throughout the state with $2 million received from the U.S.
Environmental Protection Agency under the American Recovery and Reinvestment
Act. The stimulus funding is designed to identify, assess and clean up federally
regulated Leaking Underground Storage Tank sites in the state. Resources mobilized by
the site assessments and cleanups include environmental consultants and laboratories,
construction workers, landfill operators, trucking companies and drilling companies.
Assessment and cleanup work is currently being conducted at seven sites. They were
chosen because each had leaks documented from federally regulated underground
storage tanks and the responsible party is unknown or unable to pay.
Source: http://www.ct.gov/dep/cwp/view.asp?Q=466148&A=3847
[Return to top]
Chemical Industry Sector
7. September 24, Roanoke Times – (Virginia) EPA sues 3 plants to help cleanup. Three
Virginia companies that dumped their hazardous waste in the Kim-Stan landfill in
Selma, Virginia, should share in the cost of cleaning up the toxic site, the U.S.
Environmental Protection Agency (EPA) contends. MeadWestvaco Corp., Hercules
Inc. and Honeywell International Inc. were named as defendants in a lawsuit filed this
month by the EPA in U.S. District Court in Roanoke. Kim-Stan operated as a sanitary
and industrial landfill from 1972 to 1990. After taking county trash for much of its life,
the privately-owned landfill began to accept out-of-state shipments from New York and
other cities. About 725,000 tons of trash were buried in the landfill in its last 2 years.
Under a consent decree negotiated with MeadWestvaco, Hercules and Honeywell, the
three companies will together will be liable for $1.9 million in cleanup costs, according
to an EPA spokesman. According to the lawsuit, which seeks to enforce the consent
-3-
decree, MeadWestvaco arranged for waste containing asbestos and other hazardous
materials to be shipped from its paper mill in Covington and dumped in Kim-Stan.
Similar allegations were made against Hercules, which operated a polypropylene film
and fiber plant in Covington. Allied Chemical Corp., a predecessor of Honeywell,
operated an aluminum sulfate manufacturing plant in Covington and also was a source
of hazardous waste.
Source: http://www.roanoke.com/news/roanoke/wb/261494
[Return to top]
Nuclear Reactors, Materials and Waste Sector
8. September 24, Pittsburgh Tribune-Review – (Pennsyvania) FirstEnergy wants room
for nuke waste. FirstEnergy Corp.’s plan to add needed storage capacity for used
nuclear fuel rods at its Beaver Valley Power Station No. 2 unit will be discussed at a
federal Nuclear Regulatory Commission (NRC) meeting September 27. The Akronbased company plans to add high-density racks to the spent fuel pool at its powergenerating plant in Shippingport, Pennsylvania. The company is expected to provide
NRC staff with additional details at the session in Rockville, Maryland. Additional
storage capacity is needed at many nuclear power plants nationwide because of
uncertainty over whether a proposed fuel repository at Yucca Mountain, Nevada, will
be competed. A commission created by the Presidential administration is to study what
the nation should do with used radioactive fuel, and make a report in 2012. “It doesn’t
look like Yucca Mountain is going to open, ever,” said a FirstEnergy spokesman.
“When these plants were built the Department of Energy said it would take the fuel and
safely store it. That wasn’t done by the DOE, so the plants have to safely store it onsite.” FirstEnergy, in an April 2009 application, said replacing racks will increase the
Unit 2 pool’s capacity from 1,088 storage cells to 1,690 cells. Each cell holds a bundle
of nuclear fuel rods that were used in the reactor. The pool’s capacity “is currently
good for 2011,” the spokesman said, and the proposed project would extend it to 2025.
Source: http://www.pittsburghlive.com/x/pittsburghtrib/business/s_701045.html
9. September 23, Environment News Service – (New Jersey) Cleanup of radioactive
water at Oyster Creek nuclear plant begins. Radioactive tritium that leaked from the
Oyster Creek nuclear power plant in Lacey Township, New Jersey in 2009 into two
aquifers below the facility is being removed after months of delay, said the New Jersey
Department of Environmental Protection. The Exelon Corporation, which owns and
operates the power plant, has agreed to start pumping efforts this week on two
monitoring wells in the Cape May and upper Cohansey aquifers, and also has agreed to
expand that effort to a third contaminated location by early October. The goal is to
remove the tritium-tainted water to avoid any potential contamination of drinking water
supplies, said a DEP Commissioner. At a meeting last week in Trenton with a
commissioner, company officials outlined plans to immediately start pulling
contaminated water from the ground below the nuclear generating station to control any
further migration of the tritium plume that is currently flowing uncontrolled towards
-4-
the plant’s discharge canal.
Source: http://www.ens-newswire.com/ens/sep2010/2010-09-23-092.html
10. September 23, Chattanooga Times Free Press – (Tennessee) TVA declares unsual
event at Sequoyah during transformer fire. A transformer fire at the Sequoyah
Nuclear Power Plant in Soddy-Daisy, Tennessee September 22 is under investigation
by the Tennessee Valley Authority (TVA) and federal regulators. A TVA spokesman
said the utility declared “an unusual event” — the lowest of four emergency response
notifications at a nuclear plant — when a fire in the 500,000-volt transformer at the
Sequoyah switchyard lasted more than 15 minutes. TVA fire crews extinguished the
fire within 20 minutes of when the fire began around 9:30 p.m. without any injury to
plant employees or loss of power from the twin-reactor plant. At the time of the fire,
the transformer was being placed in service following maintenance. The transformer is
used to step down 500,000 volt lines to 161,000 volt lines as part of TVA’s
transmission of power. But the transformer is outside of the nuclear reactors and
generators at the plant, a TVA spokesman said. The plant continued to generate power
September 23 with unit 2 at 100 percent power and Unit 1 at 85 percent power as it
prepares for a refueling outage this fall. The emergency notification to the Nuclear
Regulatory Commission was the first at Sequoyah since 2003.
Source: http://www.timesfreepress.com/news/2010/sep/23/TVA/?breakingnews
11. September 22, Tenneseean – (Alabama) TVA nuclear plant whistleblower incident
followed by changes. A whistleblower’s reports of safety risks at the Tennessee Valley
Authority’s (TVA) Browns Ferry Nuclear Plant in Athens, Alabama began a chain of
events that resulted in a finding that federal law was broken, which the company is
challenging. The Shaw Group is appealing a decision of a Department of Labor’s
(DOL) review panel that the company retaliated against a worker. Shaw, a major
contractor on work at Browns Ferry and a subsidiary of Stone & Webster, has settled
separately with the Nuclear Regulatory Commission (NRC) to make changes in how it
responds to workers’ safety complaints. A painter foreman at the TVA plant had been
fired in 2004 after he passed along safety concerns. The whistleblower had outlined
problems with the protective paint coatings being applied to the plant’s cooling
systems, which could cause paint debris to clog emergency cooling pumps and prevent
a safe shutdown of the reactor in the event of an accident. A DOL appeals panel
determined he was wrongly terminated. The company decided to work with the NRC to
come to an agreement “in a manner that emphasized our ongoing commitment to a
safety-conscious work environment,” she said.
Source: http://www.tennessean.com/article/20100922/NEWS01/100922021/TVAnuclear-plant-whistleblower-brings-call-for-change
[Return to top]
Critical Manufacturing Sector
12. September 24, Kittanning Leader-Times – (Pennsylvania) North Buffalo mill blaze
draws many fire departments. Nearly a dozen fire companies responded to a fire
-5-
inside a graphite mill in North Buffalo, Pennsylvania September 24 after workers
spotted flames coming from one of its buildings. Crews from West Kittanning,
Applewold, East Franklin, all three Kittanning companies, Worthington, Rayburn,
Manor and Ford City were dispatched to the Asbury Graphite Mill, along Linde Road,
at 4:27 a.m. after the wood-frame housing around a ball mill caught fire. The cause of
the fire is being investigated. Crews remained on scene for more than 2 hours. No
injuries were reported.
Source: http://www.pittsburghlive.com/x/valleynewsdispatch/s_701112.html
13. September 23, Birmingham News – (Alabama) Update: Harpersville fire out, but
steel fabrication building destroyed. A fire at a steel fabrication business on U.S. 280
in Harpersville, Alabama is out, but the building has been destroyed. The afternoon fire
shut down traffic on U.S. 280 in both directions near the scene for at least 1 hour. The
director of public safety for the town of Harpersville, said the highway was shut down
as a precaution because of hazardous materials inside the building. Fire units from at
least five jurisdictions responded. When they arrived, flames were shooting out the top
of the building. “There was nothing we could do but prevent it from spreading,” the
chief said. There were still some traffic delays in the westbound lanes of 280. The
building that burned was next to SCS Steel Fabricating. The chief said the company did
work for SCS.
Source: http://blog.al.com/spotnews/2010/09/update_harpersville_fire_out_b.html
[Return to top]
Defense Industrial Base Sector
14. September 23, Navy Times – (National) Gas turbine engine on LCS Freedom
breaks. A high-speed gas turbine engine on board the Navy’s first Littoral Combat
Ship broke earlier this month and will need to be replaced, but officials do not expect
the mishap to affect the ship’s testing schedule. The incident took place September 12
while Freedom was operating off southern California. The ship shut down its two
Rolls-Royce MT30 gas turbines after “high vibration indications” were seen in the
starboard engine, according to a spokesman for the Naval Surface Forces command in
San Diego. Subsequent examination of the broken engine showed that turbine blading
had broken off and damaged the unit. The incident comes at an awkward time for
Lockheed Martin, prime contractor for the Freedom, which is locked in a competition
with Austal USA, the builder of LCS 2.
Source: http://www.navytimes.com/news/2010/09/navy-engine-changeout-for-lcsfreedom-092310w/
[Return to top]
Banking and Finance Sector
15. September 24, Associated Press – (Florida) Fla. bank robbers strap bomb to
abducted teller. A bank teller was kidnapped early September 24 from his home by
-6-
robbers who strapped a suspected bomb to his chest and used him to steal money from
a Bank of America branch near the University of Miami in Coral Gables, Florida
according to the FBI. The suspected explosive device was safely removed, and the
teller was brought out of the bank shortly before noon. The device remained in the bank
at midday and authorities were working to detonate it, said a lieutenant of the Coral
Gables Police Department. A major South Florida thoroughfare, U.S. 1, was closed for
hours in both directions at the height of rush hour. Three local schools were on
lockdown as a precaution, and the University of Miami sent out a campus-wide alert.
The incident began with a home invasion at an apartment complex in the suburb of
Kendall, where the bank teller lived. Three suspects later took the teller to the Coral
Gables bank, used him to steal an undetermined amount of cash, and then made a
getaway in a stolen red Ford Mustang. Police were still investigating whether the teller
was involved in the crime or just a victim.
Source:
http://www.google.com/hostednews/ap/article/ALeqM5j84bUVbCDLc9v6t1PQMxS2
XPx-FwD9IED4J81
16. September 23, Associated Press – (Florida) FBI offers $40K reward for ‘Sundown
Bandits’. The FBI is offering a $40,000 reward for information leading to the arrest of
the so-called “Sundown Bandits” who have robbed six South Florida banks in recent
months. The FBI said the robbers usually enter banks carrying weapons and wearing
baseball caps. They also sometimes wear neckties and long-sleeved shirts. Both are
described as black men between 25 and 30. They are called the “Sundown Bandits”
because they strike near bank closing time. It is believed the same two have committed
bank robberies in Miami-Dade, Broward and Palm Beach counties since December of
last year. The most recent robbery was September 9 at a Wachovia branch in Boca
Raton.
Source: http://www.miamiherald.com/2010/09/23/1838059/fbi-offers-40k-reward-forsundown.html
17. September 23, Salt Lake Tribune – (Utah) Utah businesses told thieves stealing data
at will. In the area of cybercrime, it’s the criminals who are winning. That was the
message September 22 to a group of business representatives gathered in West Valley
City, Utah, to exchange information about criminal activity, including the exploding
rise in the harvesting of credit card and other data used to steal money from consumers
and businesses. Organized crime enterprises, mostly from foreign countries, have the
time and the money to defeat nearly every protection businesses have put in place on
credit card transactions, said an executive vice president at ProPay, a Lehi company
that provides payment services to businesses. Criminal investigations and lawsuits are
time-consuming and often ineffective. Credit cards and other data are openly for sale
on the Internet, he said. One site even guaranteed its products. “If you bought cards and
they didn’t work, they’d overnight new ones to you.” He spoke to a meeting of the
local chapter of InfraGard, a FBI program that began in Cleveland,Ohio in 1996 and
spread nationwide. Local business representatives at the September 22 session were
told that one solution would be for merchants to contract with specialized companies to
process credit card information and guard that data. Even those companies remain
-7-
under constant cyberattack. The president of the Utah InfraGard chapter said he
witnessed an extortion attempt at ProPay, where he formerly was director of
information technology. A Baltics-based criminal organization demanded $10,000 to
protect the company from an attack, he said in an interview. The company went to the
FBI and received information about those behind the attack, which was ultimately
unsuccessful.
Source: http://www.sltrib.com/sltrib/money/50336763-79/infragard-businessesinformation-credit.html.csp
18. September 23, Associated Press – (International) Romanian detained over eBay
cyber fraud. Romanian authorities have detained a man suspected of committing cyber
fraud worth $3 million against the company eBay Inc. Organized crime prosecutors
said he is being investigated for “phishing” attacks against 3,000 of eBay Inc.
employees. They said September 23 that he allegedly stole the employees’ IDs and
passwords in 2009 and accessed company files, including an application with the data
base of eBay clients and their transactions. He then used “phishing” sites to access the
accounts of about 1,200 eBay users. Prosecutors also said he and some accomplices
withdrew 300,000 euros ($400,000) from Italian bank accounts. Romanian authorities
worked with the U.S. Secret Service and Italian authorities in this case.
Source: http://www.businessweek.com/ap/financialnews/D9IDJ2QG0.htm
19. September 22, United Press International – (National) FBI: ‘Massive frauds’
uncovered. An FBI official told the U.S. Senate Judiciary Committee September 22 the
bureau has uncovered “massive frauds” in its ongoing effort to fight financial crime.
The assistant director who heads the FBI’s Criminal Investigative Division told the
panel “the FBI has continued to uncover massive frauds, including newly identified
Ponzi schemes.” New corporate fraud cases are up by 111 percent, he said, while highyield securities frauds have grown by more than 200 percent. “In the last three years
alone, the FBI has seen the number of mortgage fraud cases steadily climb from 1,200
in 2007 to over 3,000 in 2010,” the assistant director said. “Nearly 70 percent of these
pending cases represent losses to financial institutions and other victims exceeding $1
million. In many of these cases the loss far exceeds $1 million.” Operation Stolen
Dreams, a take-down of mortgage fraud schemes throughout the country,
“demonstrates just how rampant mortgage fraud is in this country,” he said.
Source: http://www.upi.com/Top_News/US/2010/09/22/FBI-Massive-fraudsuncovered/UPI-57061285191980/
20. September 22, Vancouver Columbian – (Oregon) 1,000 reward offered for ‘Where’s
Waldo’ bandit. On September 22, one day after a man allegedly used a bomb threat to
rob a Key Bank branch in the Tigard, Oregon area, FBI agents have charged him with
the holdup, dubbed him the “Where’s Waldo” bandit, and arranged for a reward of up
to $1,000 for his whereabouts. The man, identified as a 29-year-old Portland, Oregon
resident, allegedly told bank employees he had an explosive device and, as he left the
bank, left a small box behind, according to a bulletin from a FBI spokeswoman. He
also allegedly dropped a backpack near the bank. Experts with the metropolitan
explosive disposal unit determined the box and backpack contained no explosives. The
-8-
award for information leading to the suspect’s arrest and conviction is offered by the
Oregon Financial Institutions Security Task Force, the bulletin said. The suspect is
about 5 feet 8 inches tall, with an average build, perhaps weighing 200 pounds, the FBI
spokeswoman said. He has short, thick dark hair and wore prescription glasses with
thick black plastic frames. He also wore a striped shirt with a black T-shirt underneath.
Source: http://www.columbian.com/news/2010/sep/22/1000-reward-offered-forwheres-waldo-bandit/
[Return to top]
Transportation Sector
21. September 24, Washington Post – (District of Columbia) Encourage whistleblowers,
Metro told. Metrorail service provided by the Washington Metropolitan Area Transit
Authority (Metro) in Washington D.C. is safer than it was before the fatal June 2009
Red Line crash, but the transit agency can not build an effective “culture of safety”
unless it convinces employees that they can report problems and close calls without
fearing discipline, a top federal safety official said September 23. The chairman of the
National Transportation Safety Board (NTSB) told a U.S. House of Representatives
subcommittee examining Metro’s response to the board’s investigative findings and
safety recommendations that Metro leaders have successfully broadened their primary
focus from keeping trains running to also keeping passengers safe. Even so, the
chairman said, “You have to bring employees to the table if you’re going to be
successful ... You need to set up a structure where employees feel comfortable
reporting things.” NTSB investigators found that the operator of the train that was hit
near the Fort Totten Station in Washington D.C. was operating his train in manual
mode — against Metro policy at the time — because he’d been disciplined for
overshooting a station platform in automatic mode. Although that operator didn’t cause
the crash, the chairman said, his behavior showed a “punitive culture” that discouraged
employees from reporting problems and the agency from figuring out how to fix them.
Source: http://www.washingtonpost.com/wpdyn/content/article/2010/09/23/AR2010092306842.html
22. September 24, Boston Globe – (Rhode Island) Pilot is affected by laser beam. Federal
and local authorities are vowing to crack down on people who shine laser pointers at
aircraft after a significant increase this year in the number of such cases, including one
that left a pilot temporarily blinded last week as he landed a passenger plane in
Warwick, Rhode Island. In the latest local case, a 31-year-old Warwick man allegedly
pointed his high-powered laser pointer at the cockpit of a Continental Airlines
passenger airplane landing at T.F. Green Airport, briefly blinding the pilot. According
to FBI statistics, about 1,000 incidents were reported nationwide in 2008; from January
through August of this year, 1,700 incidents were reported. “The seriousness of these
incidents cannot be overstated,’’ said a special agent in charge of the FBI field office in
Boston. “Most often lasers are pointed at aircraft during critical phases of flight while
they are at low altitude or preparing to land or take off. Any brief distraction in the
cockpit during this time can be catastrophic.’’
-9-
Source:
http://www.boston.com/news/local/rhode_island/articles/2010/09/24/pilot_is_affected_
by_laser_beam/
23. September 24, Homeland Security News Wire – (California) Bridge column
withstands 6.9 quake in tests. Engineers from across California were in San Diego
September 20 to test a bridge column to make sure it could withstand a powerful
earthquake. The engineers’ tests simulated a 6.9 quake against a column similar to
those used in bridges built in the last 15 years. For the tests, they used one of the largest
outdoor shake tables in the world. Nearly all of California’s 2,194 state-owned bridges
have been retrofitted. Local cities and counties across California own 1,193 with work
done on 729 of them. An engineer said bridges that carry a heavy traffic load are up to
code, but the smaller bridges are worrisome. The University of California San Diego is
partnering with CalTrans to conduct the $500,000 tests. The shaking on the tests was
modeled after the Loma Prieta earthquake in 1989.
Source: http://homelandsecuritynewswire.com/bridge-column-withstands-69-quaketests
24. September 23, Associated Press – (Minnesota) MSP midair miss: ‘We heard the guy
go by’. Federal regulators said September 23 that they were investigating a nearcollision of a US Airways jet and a small cargo plane that came within 50 to 100 feet of
each other over Minneapolis, Minnesota just after takeoff last week. Air control radio
traffic showed the cargo pilot failed to turn as directed. The two pilots never saw each
other September 16 as they passed in cloud cover at an altitude of about 1,500 feet, the
National Transportation Safety Board (NTSB) said. However, investigators said, the
US Airways captain said he heard the cargo plane go by. The NTSB said the tower
instructed the US Airways crew to turn left, which caused it to cross paths about a halfmile past the end of the runway with the cargo plane, which had only the pilot aboard.
A collision might have dropped wreckage on homes and freeways. The jetliner had an
automated system that instructed the pilots to climb to avoid a crash, and they did. The
cargo plane didn’t have the system, and its pilot was unaware the Airbus was nearby,
the NTSB said. A rise in near-collisions nationwide prompted the Federal Aviation
Administration (FAA) this summer to launch an effort to learn why air traffic
controllers and pilots were making the dangerous errors. The FAA also said it had seen
a spike in incidents where planes were violating minimum separation distances.
Source: http://www.twincities.com/ci_16159956?nclick_check=1
25. September 22, Associated Press – (Washington) Breach at Seattle airport causes
partial shut down. A Transportation Security Administration (TSA) spokesman said
part of Seattle-Tacoma International Airport in SeaTac, Washington was briefly shut
down because of a security breach. An airport spokesman said that three passengers
slipped past an unstaffed security checkpoint September 21 just after 6 p.m. A TSA
spokesman said planes were kept at their gates for about 20 minutes until the three
could be located and screened. One was still in the security area; the other two were
found in the boarding gate area. All three checked out OK. The TSA spokesman said
the three passengers passed through while security personnel were rotating positions.
- 10 -
Source:
http://www.google.com/hostednews/ap/article/ALeqM5hRuoke2Drr16Wgo8Dlqv1j_0
Rz-gD9ICPM701
For another story, see item 5
[Return to top]
Postal and Shipping Sector
26. September 23, CNN – (National) Feds: Man sent more than 50 anthrax hoax, bomb
threat letters. A Connecticut man was charged with sending more than 50 anthrax
hoax and bomb threat letters to recipients including government officials and buildings,
federal authorities said. A complaint charging the 43-year-old of Thomaston and
Morris, Connecticut, was unsealed September 22, the Department of Justice said in a
statement. The suspect has been in custody since he surrendered to authorities in North
Dakota September 7. He appeared September 22 in federal court in North Dakota,
where he agreed to be returned to Connecticut. “This defendant is alleged to have sent
more than 50 letters nationwide, in which he threatened to kill numerous victims, by
shooting them, bombing the buildings in which they work or exposing them to a
substance that he claimed was, but was not, anthrax,” the U.S. attorney for the District
of Connecticut said in the statement. The letters resulted in the evacuation of a post
office, a town hall and a public school, he said. The suspect is charged with mailing
threatening communications and with making threats through the mail to kill, injure or
intimidate a person, or to damage or destroy any building by means of an explosive,
authorities said. If convicted, he faces a maximum sentence of 10 years in prison on
each charge.
Source: http://www.cnn.com/2010/CRIME/09/23/connecticut.hoax.letters/
[Return to top]
Agriculture and Food Sector
27. September 24, Dartmouth – (National) Professor warns against arsenic ‘on your
plate’. High levels of arsenic in rice and rice products present serious hazards to public
health, a professor from the University of Aberdeen in Scotland said in a seminar at
Dartmouth College in Hanover, New Hampshire September 23. The professor
discussed the dangers and pervasiveness of arsenic, which has long been linked with
cancer, in a seminar, “Arsenic on Your Plate.” Although health organizations and
governments have stressed the need to regulate arsenic levels in water, the professor
said there are no corresponding standards for arsenic in food. He cited research to
demonstrate that rice is particularly susceptible to arsenic contamination, and that diets
heavy in rice can be related to arsenic-related health conditions, including cancer. Rice
absorbs a substantially larger amount of arsenic than other crops because the water used
to flood rice paddies is able to “mobilize” arsenic from the soil, the professor said.
Levels of arsenic contamination are higher in rice grown in the United States than in
- 11 -
any other nation, according to research the professor cited in his lecture. Rice from the
South, specifically Arkansas and Texas, shows the highest rates of arsenic poisoning
because of the arsenic-laden chemicals farmers previously used to cultivate cotton
there, he said.
Source: http://thedartmouth.com/2010/09/24/news/arsenic
28. September 24, Greensboro News & Record – (North Carolina) Up to 60,000 chickens
killed in power outage at N.C. farm. Officials said as many as 60,000 chickens could
be dead in Shelby, North Carolina as a result of a power outage. And the stench
originates from McCraw Road. Backhoes ripped into the dirt near Greenway Farms
September 23, to bury the dead birds. A trail of feathers littered a dirt road to their
graves outside Boiling Springs in the area known as No. 1 Township. “I’d heard 60,000
of them,” said the health coordinator. Workers at the farm said “a few” chickens were
lost because of a power outage. “He was running on a generator and something
happened to the generator,” said the animal health technician with the North Carolina
Department of Agriculture. The cooperative extension director said it appeared the
property’s electricity was discontinued at some point, but he was unsure of details. The
animal health technician noted chickens -don’t last very long without air. “That’s why
you have all the fans that pull the air through there. It takes a few minutes, and they’re
history.” He said the priority at this point is burying the birds according to state
regulations.
Source: http://www.newsrecord.com/content/2010/09/24/article/official_up_to_60000_chickens_killed_in_powe
r_outage_at_nc_farm
29. September 23, Porterville Recorder – (California) Steam tank causes explosion in
citrus packing plant. A steam tank exploded the night of September 22 at a citrus
processing and packaging plant in Lindsay, California causing damage to the tank,
walls and roof of the building. According to the Lindsay Department of Public Safety,
all workers were accounted for and no one was injured. The plant — California Citrus
Producers, Inc., is located at 525 E. Lindmore St.
Source: http://www.recorderonline.com/news/steam-46622-citrus-tank.html
[Return to top]
Water Sector
30. September 24, Associated Press – (Missouri) DNR says 49 systems in Mo. failed to
test water. Missouri officials said nearly 50 drinking water systems have violated state
law by failing to complete required water testing. The state Department of Natural
Resources (DNR) September 23 released a list of 49 drinking water systems that had at
least three major water monitoring violations in a 12-month period. The DNR said
routine testing by a facility is an important part of maintaining a safe water supply. But
the DNR said failing to test regularly does not mean the water is unsafe. The state has
2,800 public drinking water systems.
Source: http://www.koamtv.com/Global/story.asp?S=13210252
- 12 -
31. September 24, Evansville Courier and Press – (Indiana) Minor leak of oil-water mix
detected on LST 325. On September 23, crews will inspect a holding tank on the LST
325 that was reported to be leaking an oil-water mix September 23 into the Ohio River
at its Marina Pointe dock in Evansville, Indiana. City officials said an oil sheen near the
ship was reported about September 23. No cause for the leak has been identified. The
leak was less than 2,000 feet upstream from the Evansville Water and Sewer Utility’s
filtration plant on Waterworks Road. Booms and absorbent pads were deployed around
the leak within minutes of receiving notification, said the executive director of the
Evansville Department of Sustainability, Energy and Environmental Quality. The
ship’s captain estimated the leak, coming from a “slop tank” located midship on the
starboard side, was about 1 gallon per hour. The tank is used to contain bilge water, a
mix of water, diesel and oil that collects within the hull of the ship. Portable pumps
were used September 23 to transfer the remaining bilge water to a ballast tank on the
ship, minimizing the volume of the leak. The captain said between 10 and 20 gallons of
contaminated water likely were released, although no firm numbers were available. The
U.S. Coast Guard has been observing the response and offering technical assistance as
required.
Source: http://www.courierpress.com/news/2010/sep/23/minor-leak-of-oil-water-mixdetected-on-lst-325/
32. September 23, Seattle-Tacoma News Tribune – (Washington) Broken pipe spills
sewage into canal. A broken sewer main in Connell, Washington, had dumped about
36,000 gallons of sewage into the storm drainage canal over a 6-hour period, officials
said. The discharge may increase the presence of bacteria in the canal, and direct
contact with canal water should be avoided, said the public works director.
Source: http://www.thenewstribune.com/2010/09/23/1353309/broken-pipe-spillssewage-into.html
33. September 23, Charleston Gazette – (West Virginia) Water/soda ash mixture spills
into Kanawha at DuPont. A truck that was pumping water and a base ash into tanks at
DuPont’s Belle Plant in Charleston, West Virginia September 23 accidentally
overflowed the pump, dumping gallons of the mixture into the Kanawha River. The
truck was pumping the water and soda ash mixture into a pump head, said the Kanawha
County director of emergency services. The pump head is where all individual pumps
pick up the mixture and transfer it to the wastewater treatment plant. A DuPont
spokesman said in an e-mail September 23 the incident occurred at about 7:20 p.m.
“Plant personnel were conducting routine maintenance work in the plant’s wastewater
treatment plant when a sump overflowed, spilling a water/soda ash solution with a
slightly elevated pH level of 9 into the Kanawha River through the plant’s outfall,” he
said, adding, “During the ongoing maintenance work, the plant has been using the
water/soda ash solution to control odor in the wastewater treatment tanks.” DuPont said
the truck pumped the mixture too quickly, causing the drain that goes in to the pump
head to overflow and spill into the surface drain, which leads into the river. The
director said he was unsure how much of the mixture was leaked in to the river, but he
did say the truck held 2,000 gallons of the soda ash and water mixture. However, he
added, it is unlikely that all of that spilled into the river because it was attached to the
- 13 -
pumps. The leak was stopped within a short time.
Source: http://wvgazette.com/News/201009230861
34. September 23, Associated Press – (Louisiana) Ex-sheriff pleads guilty to Clean
Water violation. A former Iberia Parish sheriff has pleaded guilty to violating the
Clean Water Act by negligently operating a water treatment facility in Lafayette,
Louisiana. He was part-owner and president of Environmental Compliance Solutions
LLC when state regulators inspected a company facility in June 2009 and found
wastewater bypassing the filtration system and flowing into the Port of Iberia’s
Commercial Canal. Federal prosecutors said September 22 that he and the company
have agreed to shut down the facility and pay a fine of $50,000. The man faces a
maximum prison sentence of 1 year. No sentencing date has been set.
Source: http://www.wxvt.com/Global/story.asp?S=13202987
35. September 23, Columbus Dispatch – (Ohio) Southwest Licking water line repaired;
boil advisory remains. Thousands of homes and some businesses in western Licking
County went without water for hours September 23 after a water-main break along Rt.
40 in Etna Township, Ohio. The general manager for the Southwest Licking Water and
Sewer District said the line was repaired by early afternoon, restoring water pressure
that had been lost after a 16-inch transmission line ruptured September 22 along Rt. 40
near Smoke Road. Workers found the break about 9:30 a.m., and worked throughout
the day to repair it. A boil advisory for customers west of Smoke Road will stay in
effect until at least the afternoon of September 24. The district serves residents of Etna
Township, Harrison Township and parts of Pataskala.
Source:
http://www.dispatch.com/live/content/local_news/stories/2010/09/23/southwestlicking-water-failure.html?sid=101
36. September 23, Portland Oregonian – (National) EPA unveils plan to reduce
Columbia River’s toxic pollution. After five years of work, the U.S. Environmental
Protection Agency (EPA) has released a new multi-state plan to reduce the Columbia
River’s toxic pollution, including tighter pollution standards, more public education
and upgrading the patchwork tracking of pollutants in the massive basin. Funding for
the “action plan” remains uncertain. And it comes after two decades of tribes
documenting toxic pollution in the river and its fish. The plan includes 61 actions to
reduce pollution that range from boosting stormwater controls to promoting toxics-free
certification programs for consumer products to expanding collection of pesticides and
household hazardous wastes. Pollutants of concern include mercury, the now-banned
pesticide DDT, and fire retardants released to the river from sewage treatment plants.
Some of the actions, such as convening scientific panels and identifying contaminated
sites, can be implemented within current budgets. But the EPA’s Columbia River
coordinator, said the agency needs $5 million to $6 million to implement some
significant “early actions,” including more widespread public education, mercury
collection and pesticide reduction efforts with agriculture. If successful, bills pending in
the U.S. Congress could help provide more money by September 2012, said the EPA’s
Columbia River coordinator.
- 14 -
Source:
http://www.oregonlive.com/environment/index.ssf/2010/09/epa_unveils_plan_to_reduc
e_col.html
For another story, see item 9
[Return to top]
Public Health and Healthcare Sector
37. September 24, Reuters – (National) Amgen, J&J anemia drugs recalled over glass
flakes. Amgen Inc and Johnson & Johnson are recalling their Epogen and Procrit
anemia treatments because of the potential for barely visible glass flakes in vials
containing the injectable medicines. The contaminated product has the potential to
cause serious problems, including dangerous blood clots, Amgen said in a press release
announcing the recall. However, Amgen said there had been no complaints that can be
directly attributed to the presence of glass. It said certain lots were being voluntarily
recalled as a precaution. The glass flakes result from the interaction of the drug with
glass vials over the shelf life of the product, Amgen said, Amgen manufactures Epogen
and Procrit in the United States, where it sells Epogen, and J&J’s Centocor Ortho
Biotech unit distributes Procrit. J&J has been dealing with a rash of recalls for its
consumer medicines. Amgen said the recall is being conducted in cooperation with the
U.S. Food and Drug Administration. The drugs have been blockbuster products for the
companies, but their sales and those of other anemia drugs, which boost red blood cells,
have fallen sharply in recent years because of concerns over potential heart risks from
overly high doses.
Source: http://www.reuters.com/article/idUSTRE68N2WB20100924
38. September 24, WTIC 61 Hartford – (Connecticut) Evacuation At UConn Health
Center. The New England Orthopedic building at the University of Connecticut
(UConn) Health Center in Farmington has been evacuated after employees reportedly
smelled a strange chemical odor September 24. Over two dozen people were evacuated
from the first and second floors of the New England Orthopedic building on the lower
campus around 9:30 a.m., according to a spokesman for the UConn Health Center.
There are no report injuries or anyone sick. Crews have located the source of the odor
in a storage room on second floor of the building, which is an outpatient building.
Source: http://www.courant.com/community/farmington/hc-uconn-health-centerevacuation-0924,0,3880643.story
39. September 23, FierceHealthcare – (Arkansas) Patient information found on
interstate. In the latest patient privacy breach, a woman who noticed lots of paper all
over the road while driving on I-30 in Arkansas later discovered two pieces of paper
wedged in the grill of her car. The pages, which contained patient information, were
some 75 miles away from the hospital where they were generated. “We just thought
that somebody had lost a load,” the woman said. The papers included the names of two
patients, addresses, the reason for their visits to 170-bed Saint Mary’s Regional
- 15 -
Medical Center in Russellville, Arkansas, and their Social Security numbers. The
revelation is intriguing, because St. Mary’s document disposal process involves
shredding on-site. During the video clip of newscast, Today’s THV shows the
crumpled patient information with the identifying information whited out. While
denying that any documents were found on the highway or that other documents might
be there, officials at St. Mary’s, which is part of the Capella Healthcare system, are
taking the claims seriously. After hospital officials questioned the woman’s credibility,
she went back to where she found the documents and after hours of looking spotted
hundreds of papers along I-40 near Forrest City. The hospital is continuing its
investigation.
Source: http://www.fiercehealthcare.com/story/patient-information-foundinterstate/2010-09-23
[Return to top]
Government Facilities Sector
40. September 24, Middletown Journal – (Ohio) Threat to blow up school leads to arrest
of student. A 16-year-old Edgewood High School student has been charged with
making threats on Facebook to blow up the Trenton, Ohio school and shoot classmates,
according to the Butler County Sheriff’s Office. Detectives were alerted late September
20 that the teen was making threats on his online social networking page. The teen was
arrested September 21 on charges of inducing panic, a second-degree felony. A police
spokesman said a student saw the threat on the teen’s Facebook page and contacted the
school resource officer, who in turn called detectives and school administrators. “The
system worked the way it should,” he said. The spokesman said the teen’s parents were
cooperative, and detectives were able to determine the boy had no explosive devices or
guns to carry out his threats.
Source: http://www.middletownjournal.com/news/crime/threat-to-blow-up-schoolleads-to-arrest-of-student-941055.html
41. September 23, WXIA 11 Atlanta – (Georgia) Coast clear after bomb threat at Atlanta
preschool. Police found a can of paint, but no explosives after a bomb threat was called
into an Atlanta, Georgia preschool shortly before 2 p.m. September 23. The incident
shut down several streets around the Premier Academy Minnie Howell Child
Development Center on Macedonia Road, just east of Hapeville, Georgia. An Atlanta
police spokesman said the SWAT team, bomb squad, K-9 units and Zone 3 police
combed the area with Atlanta fire standing by. But no device was found, just a can of
paint outside the building. An all clear was given at 3:15 p.m., and parents were
allowed to pick up their children.
Source: http://www.11alive.com/news/local/story.aspx?storyid=155323&catid=3
42. September 23, El Paso Times – (Texas) Fort Bliss officials defend post’s notification
system. Fort Bliss September 22 defended the system used to alert Army personnel of
the shooting at a convenience store that left two people dead. The post in Fort Bliss,
Texas sent out an initial alert September 20 when a retired Army sergeant shot two
- 16 -
women in the head at a post convenience store. The alert did not mention the shooting,
but it informed personnel to stay clear of the area. Questions about the effectiveness of
the system arose September 22 during a news conference with the post commander.
The emergency manager for Fort Bliss said the alert was distributed through a massnotification system inside the post’s installation operation center. The system
distributed e-mail, text and voice messages to Army personnel in less than 6 minutes,
he said. The system, which cost more than $200,000, includes 22 workstations, several
televisions and a projection screen. It was installed about 6 months ago, he said. The
emergency manager said the post tests the system every Wednesday, but that the post
used the system in an official capacity only six or seven times. “The Monday incident
was the first of that nature,” he said. “Most of the incidents were weather-related —
high winds, rain and flooding.”
Source: http://www.elpasotimes.com/news/ci_16149173?source=most_viewed
43. September 22, Associated Press – (Illinois) Army veteran in Ill. accused of
threatening Obama. An Army veteran arrested after a 7-hour standoff was charged
September 22 with threatening to kill the U.S. President as part of what authorities said
was his plan to ignite a war between Muslims and Christians and “start an apocalypse.”
He added he carried out the bomb ploy because he is “anti-government.” Federal agents
arrested the 50-year-old suspect when he surrendered September 22 at his home in East
St. Louis, Illinois after the confrontation, in which he insisted a bulky belt he wore and
three storage containers on his Fairview Heights property were packed with explosives.
The FBI and the criminal complaint said the belt turned out to carry only inert puttylike material — similar to children’s molding clay — made to look like high-grade
explosives, with wires attached to a curling iron the suspect claimed was a triggering
device. Nothing dangerous was found in the storage drums. The suspect was in custody
and was scheduled to appear in federal court September 23 on one count apiece of
making a threat against the President and making false threats to detonate an explosive
device. Bond was not immediately set.
Source: http://www.washingtonpost.com/wpdyn/content/article/2010/09/22/AR2010092204678.html
For another story, see item 55
[Return to top]
Emergency Services Sector
44. September 24, Sarasota Herald-Tribune – (Florida) Drugs vanish from lock-up in
Manatee County. An embarrassing question is hanging over the Manatee County
Sheriff’s Office in Bradenton, Florida these days: What happened to 260 pounds of
marijuana and 2 kilograms of cocaine that were supposed to be stored safely in an
evidence room? The only certainty is the drugs have vanished, and two suspected drug
dealers could beat their charges at trial if the evidence does not turn up. The
disappearing dope underscores a history of property problems at the agency, which has
long shuffled evidence between seven different sites, once had a water leak that
- 17 -
contaminated evidence in 3,600 criminal cases, and has failed to catalog hundreds of
items that were sent to an incinerator because of mold.
Source:
http://www.heraldtribune.com/article/20100924/ARTICLE/9241049/2107/BUSINESS
45. September 24, Associated Press – (Alabama) Wrapped DVD leads to evacuation in
Ala. city. What turned out to be a DVD player wrapped up as a Christmas package led
to a road closing and evacuations in Jasper, Alabama.. Authorities said a man walked
into the Jasper Police Department September 23, screamed profanities and walked out,
leaving behind a gift-wrapped package. Fearing the possibility of a bomb, officials
brought in an explosives unit, closed a road and evacuated several buildings in the area.
Then they used a water cannon to destroy what police believe was a portable DVD
player. Police said a 49-year-old of Jasper was jailed and could face several charges,
including disorderly conduct. Officers said the man had outbursts at several other
locations across the city.
Source: http://www.wtvm.com/Global/story.asp?S=13210943
46. September 23, San Diego Union-Tribune – (California) Nightmarish earthquake drill
set for San Diego. San Diego State University in San Diego, California is hosting a
huge 2-day earthquake drill that’s meant to explore how effective social media can be
in spreading news and information about a catastrophe. Twitter was widely used in the
aftermath of the quake that killed more than 200,000 people this year in Haiti and
during this summer’s deadly floods in Pakistan. Emergency planners and relief
agencies wanted a closer look at how such messaging works, leading to Exercise 24, or
“X24,” a drill that involves mock quakes, tsunamis, oil spills and fires. The drill was
slated to begin at 9 a.m. September 24 when a test message goes out on Twitter
reporting that a 9.2 earthquake has occurred. The specific message, or “tweet,” reads:
“#X24 is a TEST:not real. 9.2 earthquake hit Southern California. This is a DRILL. To
participate or 4 more info go to http://bit.ly/exer24”. That announcement will be
followed by dozens of additional test messages that report on disastrous consequences,
ranging from a tsunami that swamps San Diego’s North Island to shaking that breaks
the commuter rail line in northern Encinitas.
Source: http://www.signonsandiego.com/news/2010/sep/23/nightmarish-earthquakedrill-set-san-diego/
For more stories, see items 52 and 54
[Return to top]
Information Technology Sector
47. September 24, SC Magazine UK – (International) More than 6,000 Russian domains
registered in two weeks as spam domains move back to .ru. Spammers are
increasing the use of Russian domain registrars for their various spam campaigns with
up to 600 domains registered at once. Detection by M86 Security of a continuous
stream of newly registered .ru domains in spam e-mail has led to one third of all unique
- 18 -
domains being a .ru domain. Almost all of the .ru domains are registered though two
registrars, Naunet and Reg.ru, with spammers generally advertising each domain for
only few hours and registering new ones all the time. It said that in the last month from
spam alone, it has seen over 4,000 .ru domains registered through Naunet. These are
hosting a variety of spam Web sites including ultimate replica, Dr Maxman, online
casinos, via grow and Eurosoft software. Although the spammed Web sites are
generally non-malicious as they do not try to exploit vulnerabilities on the visitor’s
machine, M86 said it has seen domains registered with both of these registrars used as
controllers for the Zeus crimeware kit. Naunet was recently used to register domains
used as control servers for the Asprox botnet, although these were done on a much
smaller scale than the spam domains.
Source: http://www.scmagazineuk.com/more-than-6000-russian-domains-registered-intwo-weeks-as-spam-domains-move-back-to-ru/article/179464/
48. September 24, SC Magazine UK – (International) Gartner: Difficulties in monitoring
outsourced applications could lead to undetected access from within the
provider. It can be difficult to monitor internal and external interception inside
outsourced applications. A Gartner Research vice president said that if applications and
services are to be put into the cloud, they need to be properly monitored for malicious
activity. He said that with cloud-based monitoring, five things can be put in but then
there are “five blind spots,” and security managers need to make sure that they are part
of the decision for monitoring requirements. Asked if providers should offer event
monitoring as a service, he said: “Take a managed security service provider (MSSP), a
cloud provider who delivers a service via the Internet using service infrastructure and
using Internet technology in a scalable shared environment.” “You can slap the cloud
label on the MSSP if you like, I think the monitoring issue at the application layer is
what I described — you need to get the cloud application provider to generate the audit
trail that you require. If you look at other layers in the stack the problem is different, if
you use the Amazon environment you can use their servers, and their images are going
to produce logs like any server would, you should be able to pick those up.”
Source: http://www.scmagazineuk.com/gartner-difficulties-in-monitoring-outsourcedapplications-could-lead-to-undetected-access-from-within-the-provider/article/179471/
49. September 24, The H Security – (International) Vulnerability exploited by Stuxnet
discovered more than a year ago. One of the vulnerabilities exploited by the Stuxnet
worm was apparently not all that new. The printer spooler vulnerability was described
in an article in the April 2009 edition of hakin9, a Polish publication that is fairly well
known in hacking circles. The article was entitled “Print your Shell”. The security
specialist who wrote the article also published a demo exploit for the vulnerability.
Microsoft fixed a vulnerability in the printer spooler last patch day and stated that
Stuxnet was exploiting the vulnerability to spread across networks. Microsoft has also
confirmed that the vulnerability in question was indeed that described by the security
specialist. It is not clear why the vulnerability was ignored for so long. After analyzing
the Stuxnet worm, Kaspersky and Symantec had stated that the vulnerability was new.
Source: http://www.h-online.com/security/news/item/Vulnerability-exploited-byStuxnet-discovered-more-than-a-year-ago-1095797.html
- 19 -
50. September 23, Computerworld – (International) Hackers exploit latest Microsoft
zero-day bug. Microsoft has warned users that hackers are exploiting the unpatched
bug in ASP.Net to hijack encrypted Web sessions. In a September 20 update to a
previously-published security advisory, Microsoft said that it was seeing “limited,
active attacks at this time.” Symantec said it had not seen any attacks, however. The
company did not set a delivery date for the fix. “We will be releasing a patch on
Windows Update, so all machines will get it,” said the Microsoft executive who runs
the ASP.Net development team. Until the company releases a fix, the executive
continued to urge Web site and application developers to plug the hole with a
temporary workaround that involves editing the “web.config” file. SharePoint Server
2007 and SharePoint 2010 are also vulnerable to ASP.Net attacks, said Microsoft. The
SharePoint team has published different web.config editing instructions for its
collaboration software. “The publicly disclosed exploit can be used against all types of
ASP.NET applications,” the executive said in an FAQ he posted September 20.
Source:
http://www.computerworld.com/s/article/9187519/Hackers_exploit_latest_Microsoft_z
ero_day_bug
51. September 22, USA Today – (International) Free anti-virus protection spurs more
robust options. No-cost basic anti-virus (AV) protection is fast catching on. A recent
Morgan Stanley survey of 2,500 U.S. consumers showed 46 percent of the respondents
used free anti-virus products. This trend is expected to continue. Anti-virus giants have
begun stepping up marketing campaigns to convey why full AV suites, priced from $30
to $80 for 1 year’s worth of continuously updated protection, are well worth the money.
“Freeware vendors have created a false perception that free, basic security is enough to
protect you from today’s online threats,” said the president of Symantec’s consumer
business unit. “The reality is, free is not enough. It’s like wearing a light windbreaker
in a snowstorm.” A USA Today survey of 16 anti-virus companies shows that no-cost
anti-virus programs generally lack important features such as a firewall, Web site
health checks, automatic updates, and customer support. Symantec, McAfee and most
others, for instance, incorporate technology designed to predict, rather than react to,
new attacks. Complicating matters, a thriving “scareware” criminal industry revolves
around mimicking free infection scans of a user’s PC, a promotional tool used by
legitimate AV vendors.
Source: http://www.usatoday.com/tech/news/computersecurity/2010-09-22antivirus22_CV_N.htm
For another story, see item 18
Internet Alert Dashboard
To report cyber infrastructure incidents or to request information, please contact US-CERT at sos@us-cert.gov or
visit their Web site: http://www.us-cert.gov
Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and
Analysis Center) Web site: https://www.it-isac.org
- 20 -
[Return to top]
Communications Sector
52. September 24, Government Computer News – (Mississippi) Mississippi systems
controls cell phone use in prison without jamming signals. Mississippi State
Penitentiary officials appear to have taken a big step toward solving the problem of cell
phone use within prisons without violating federal law against jamming radio signals.
Earlier this month, the state’s department of corrections announced it had signed an
agreement with Global Tel Link and Tecore Networks to immobilize illegal cell phones
used by inmates at the state penitentiary in Parchman, according to an Associated Press
report in the Kansas City Star. The systems employs radio frequencies to intercept
unauthorized transmissions, but allows authorized and 911 calls to go through. More
than 216,320 texts and cellular phone calls have been blocked from being delivered
inside Parchman since August 6, according to a report in the Clarion Ledger in
Mississippi. Telcore’s marketing vice president told AP the system checks all calls
before blocking or allowing them. “Any cell phones brought in register with our system
before they go out to the tower of the commercial cell carriers,” he said. “It will go
through our system first and go through the database and see if it is an authorized
phone. If it is, it’ll be sent out to complete the call, but if it’s not, it’ll be held by our
system.” The system amounts to access control, rather than the jamming of signals,
which is something prison officials have asked for but so far been denied. A 1934 law
forbids anyone but federal agencies from jamming public airwaves.
Source: http://gcn.com/articles/2010/09/24/sl-cell-phone-jamming-prisons.aspx
53. September 23, WSPA 7 Spartanburg – (South Carolina) Thieves steal copper from
cell phone towers. The Greenville County Sheriff’s Office arrested two men in
connection to a series of copper thefts from cell phone tower locations in Greenville,
South Carolina. Dating back to the first part of August, through mid-September, the
men are accused of accessing the areas around cell phone towers and stealing copper
wire and bars. Deputies said they would then take the copper to area scrapyards where
they would sell it. One of the men, who was arrested September 18, faces three counts
of Injury to Real Property to obtain Nonferrous Metals, two counts each of Criminal
Conspiracy and Grand Larceny, as well as one count each of Unlawful
Possession/Transportation of Nonferrous Metals weighing more than 25 pounds and
Petit Larceny. The other, who was arrested September 22, faces three counts each of
Injury to Real Property to obtain Nonferrous Metals and Criminal Conspiracy, as well
as one count each of Grand Larceny and Petit Larceny.
Source: http://www2.wspa.com/news/2010/sep/23/thieves-steal-copper-cell-phonetowers-ar-868656/
54. September 23, Nextgov – (National) Senator, first responders lay claim to open
spectrum. If public safety agencies do not receive more spectrum or a system is not in
development by September 2011, 10 years after the terrorist attacks on the World Trade
Center and Pentagon, it would be a “sheer national embarrassment,” a U.S. Senator said
at a hearing September 23. The Senator, D-W.Va., and chairman of the Commerce,
- 21 -
Science and Transportation Committee, said the United States should have a
nationwide, interoperable wireless broadband communications system. A Houston
mayor echoed the Senator’s comments during her testimony. “It is unconscionable that
9 years after Sept. 11 and 5 years after Hurricane Katrina we still do not have a
nationwide interoperable public safety broadband network,” said the mayor, who is
chairwoman of the criminal and social justice committee for the U.S. Conference of
Mayors. Public safety officials argued they need an additional 10 megahertz of
spectrum that is available next to space they currently use so they can communicate
without multiple devices. Public safety officials said a plan to sell the spectrum but
have it available for public safety use during emergencies is not feasible. “[That]
simply will not work for public safety,” said the police chief in San Jose, California.
Source: http://www.nextgov.com/nextgov/ng_20100923_6235.php
55. September 23, Government Computer News – (National) DNSSEC spreads slowly
through government domains. Nine months after the deadline for federal agencies to
implement DNS Security Extensions in their Internet domains, a little more than onethird have successfully deployed the security protocols, according to a new study. The
study, conducted for the Internet security company Internet Identity, found that 38
percent of the federal domains tested had been digitally signed using the DNSSEC by
mid-September. But 2 percent were incorrectly configured so that signatures could not
be validated. The news was not entirely bad, said the president and CTO of Internet
Identity. “It’s not as bad as I feared, but it’s not as good as I had hoped for,” he said.
Source: http://gcn.com/articles/2010/09/23/governmemt-slow-to-deploy-dnssec.aspx
For another story, see item 47
[Return to top]
Commercial Facilities Sector
56. September 24, Salem Statesman Journal – (Oregon) Suspicious bag outside church
not a bomb. Police bomb technicians determined a suspicious package left near a
Salem, Oregon, church September 23 was a Pizza Hut bag containing two
microphones. Two men wearing bandannas over their faces put the paper bag and a
note outside SonRise Church about 2:30 p.m. The Salem bomb squad responded and
used a robot to look at the contents of the bag. The microphones had been borrowed
from the church a few days ago, a Salem police officer said. The note in the bag was
directed at the church and said Jesus was a Communist, and “hail Satan.”
Source:
http://www.statesmanjournal.com/article/20100924/NEWS/9240334/1001/NEWS
57. September 23, Southwest Riverside News Network – (California) Pechanga parking
structure closed for several hours because of suspicious device. The parking
structure at the Pechanga casino in Temecula, California, was closed for several hours
as authorities examined a suspicious item found in a vehicle. Deputies shut down the
parking structure after receiving a call from Pechanga security officers at 3:20 a.m.
- 22 -
September 23. The parking structure was reopened at 6:15 a.m. after members of the
sheriff’s department hazardous device team determined the device was a bundle of
illegal fireworks. The incident started when Pechanga security officers contacted two
people sitting in a vehicle in the north parking structure of the casino and subsequently
located a quantity of methamphetamine with the passenger of the vehicle. A search of
the vehicle by deputies revealed an object that presented the image of a possible
destructive device.
Source: http://www.swrnn.com/southwest-riverside/2010-09-23/news/pechangaparking-strucure-closed-for-several-hours-because-of-suspicious-device
[Return to top]
National Monuments and Icons Sector
58. September 24, Associated Press – (California) 50-acre fire burns in Southern
California forest. Lake Elsinore, California, firefighters have gotten a good handle on
a 50-acre fire in the Cleveland National Forest. U.S. Forest Service (USFS)
spokeswoman said the fire broke out September 23 in the mountains between Orange
and Riverside Counties and is 75 percent contained. State Route 74 was closed for
several hours but has been reopened. The fire threatens a camp for the El Cariso
Hotshot firefighters, a conservation camp and a church camp. About 300 firefighters
and 10 water-dropping aircraft are fighting the blaze, which is burning in thick
chaparral. The cause of the fire is under investigation. The USFS spokeswoman said
the fire should be fully contained by September 26, but crews are bracing for low
humidity and high heat this weekend.
Source: http://www.signonsandiego.com/news/2010/sep/24/50-acre-fire-burns-insouthern-california-forest/
59. September 23, KXLF 4 Butte – (Montana) Antelope fire grows to 2,800 acres in
Yellowstone National Park; road closure still in effect. The Antelope Fire, the
largest fire so far this year in Yellowstone National Park, continues to burn and has
grown to 2,800 acres. The lightning-caused fire, which is 20 percent contained, is
burning southeast of Tower Fall and west of the Yellowstone River. On September 22,
winds spread the fire south with about 300 acres of new growth. Helicopter buckets
were used to cool the area until after precipitation calmed it, according to the park. No
park entrances are closed. No lodging, campgrounds, or other visitor facilities are
closed. The Antelope Fire was discovered September 14, near the Mount Washburn
Fire Lookout in Wyoming.
Source: http://www.kxlf.com/news/antelope-fire-grows-to-2-800-acres-in-yellowstonenational-park-road-closure-still-in-effect/
60. September 23, Porterville Recorder – (California) Burnout operations under way to
contain western growth of Sheep Fire. Fire crews containing the Sheep Fire — which
has now grown to 7,887 acres — have made progress on burnout operations north of
Deer Meadow in California, an interagency U.S. Forest and National Park Service news
release said September 22. Up to this point, 4,798 acres have burned in the Sequoia
- 23 -
National Forest, including the 18 acre Marvin Fire, and 3,089 acres have burned in
Kings Canyon National Park. The current efforts are “to contain the western edge of the
Sheep Fire to reduce smoke impacts and hold the fire east of Boulder Creek. Burnout
operations and line improvements are planned to continue north along the line,” the
release said. In the canyon, fire crews crossed the Kings River by boat to improve the
northern end of the western line. Crews remain on patrol along Highway 180 in Kings
Canyon to prevent fire spread north of the Kings River. According to officials, fire
growth has slowed with cooler temperatures, however, a warming trend forecasted for
the weekend is expected to increase fire activity.
Source: http://www.recorderonline.com/news/fire-46614-sheep-operations.html
61. September 23, Associated Press – (New York) Pakistani given 86 years for firing at
U.S. troops. A U.S.-trained Pakistani scientist convicted of trying to kill U.S. agents
and military officers in Afghanistan was sentenced in U.S. District Court in Manhattan,
New York September 23 to 86 years in prison. In February, she was convicted of
grabbing a rifle and trying to shoot U.S. authorities in Afghanistan while yelling,
“Death to Americans!” In court papers, prosecutors cited threatening notes she was
carrying at the time of her detention. They directly quoted one as referencing “a ‘mass
casualty attack’ ... NY CITY monuments: Empire State Building, Statue of Liberty,
Brooklyn Bridge,” and another musing how a dirty bomb would spread more fear than
death. They claimed the notes, along with the fact that she was carrying sodium
cyanide, showed her conduct was “deliberate and premeditated.”
Source: http://www.forbes.com/feeds/ap/2010/09/23/general-us-al-qaida-suspectshooting_7954797.html?boxes=Homepagebusinessnews
62. September 21, Reuters – (Missouri) Corrosion conundrum: National Park Service
launches plan for Gateway Arch. Concerns around America’s icon of Westward
Expansion are growing. Approaching its 45th birthday, the Gateway Arch in St. Louis,
Missouri still stands as one of the nation’s most prized structures. Yet some
engineering reports paint an unpromising picture for the landmark, as it suffers from
corrosion and discoloration to its exterior. A St. Louis Post-Dispatch graphic shows the
crux of the Gateway Arch’s conundrum. Without a solid interior, the monument relies
on a combination of stainless and carbon steel to keep itself standing. Earlier studies
pinpointed a host of problems, from corroding staircases to water damage. But the
National Parks Service had limited resources to determine the full extent of necessary
repairs. “This is not yet a health and safety issue,” the deputy superintendent of the
Jefferson National Expansion Memorial told the St. Louis paper August 22. “[The
report] said learn more about what’s going on. It’s something that requires further
study.” Officials told AP September 20 that a contract is now officially in place to
move the structural foray forward.
Source: http://newsfeed.time.com/2010/09/21/corrosion-conundrum-national-parkservice-launches-plan-for-gateway-arch/
[Return to top]
Dams Sector
- 24 -
63. September 24, Associated Press – (New Hampshire) Troublesome dam in N.H. is in
for fix. A breached dam that’s been blamed for flooding for years in Hampstead, New
Hampshire is getting a fix. Selectmen in Hampstead voted September 22 to have the
town pay to clear the dam near Route 111, which is on private property but has become
such a public nuisance that town officials figure it would cost more for them not to
address it.
Source: http://www.wcax.com/Global/story.asp?S=13210846
64. September 24, Associated Press – (Minnesota; Wisconsin) Flooding threatens cities in
Wisconsin and Minnesota, forcing evacuation of dozens more homes. Flooding
caused by heavy rain that has lashed parts of Minnesota and Wisconsin forced the
evacuation September 24 of dozens of homes in the small city of Owatonna, where
swollen waterways closed bridges and threatened to swamp neighborhoods. Five
businesses in Owatonna, a city of about 24,000 residents 65 miles south of
Minneapolis, were closed due to floodwater from two creeks and the Straight River, the
Steele County commissioner said. The creeks were receding the morning of September
24 but the river was still rising. No injuries had been reported. Friday’s forecast called
for dry conditions for much of the region, offering a breather for exhausted emergency
personnel who have been working long hours to deal with the flooding. But some rivers
and streams were likely to continue to rise from as much as 10.5 inches of rain
September 23, and another storm was expected to creep into the region September 25.
In southeast Minnesota, more than a dozen homes near a dam in the small town of
Oronoco were evacuated for fear that torrential rains had weakened the dam. About 90
miles east of Owatonna in Arcadia, Wisconsin, emergency officials evacuated 343
homes September 23 as 3-foot floodwaters surged through the city’s downtown area.
Nearly half of the city’s 2,400 residents were told to seek shelter elsewhere. Crews also
worked to evacuate 80 homes in the nearby city of Black River Falls. The Wisconsin
National Guard distributed thousands of sandbags to municipalities, including 20,000
to Arcadia and 10,000 each to Neillsville and Osseo. Minnesota and Wisconsin’s
governors declared emergencies for large segments of their states September 24, and
the Minnesota governor planned to tour flood-damaged areas September 24.
Source: http://www.foxnews.com/us/2010/09/24/flooding-threatens-cities-wisconsinminnesota-forcing-evacuation-dozens-homes/
65. September 23, Associated Press – (Iowa) Winter looming, Iowa seeks fix to failing
dam. Floyd County, Iowa officials were looking this week for the quickest way to
repair a dam on the Shell Rock River near Rockford after learning that it is at risk of
failing just as winter approaches. A recent letter from the Department of Natural
Resources (DNR) said the dam is in a “state of failure” and needs to be removed or
repaired as soon as possible. The potential threat to public safety has created a sense of
urgency. Rockford is southeast of Mason City. The threat lessens downstream, where it
would be likely to rise only a foot or two and not cause as much trouble. Officials
started monitoring the dam in mid-August, when water started undercutting it. Known
as a lowhead dam, it is about 8 feet high and 170 feet long. It was built in 1872 to
power a grain mill, and is designed to have water pass over it and create a shallow pool
above it. The Floyd County conservation director said the berm that leads to the dam is
- 25 -
also of questionable safety. “It’s mixed rubble, rock and dirt. That’s not exactly a good
berm,” he said. The DNR told him to do something “immediately as soon as practical.”
He said there are no cost estimates yet. It could be a tricky fix because it the dam is old
and some potential fixes could actually cause further damage or accelerate its problems.
Part of the dam is publicly owned. The remainder is owned privately and was repaired
in 2004. Both owners will have to support the fix. One possible fix is to breach the
berm that leads to the dam and redirect water away from the dam. That would allow a
better look at the dam. The director hopes to have a better handle on solutions within
the next few weeks.
Source: http://www.chicagotribune.com/news/chi-ap-ia-rockforddam,0,3926488.story
66. September 23, WJFW 12 Rhinelander – (Wisconsin) Willow Reservior at capacity,
dam open. The Willow Reservior near the town of Little Rice in Oneida County,
Wisconsin, is almost at capacity. The National Weather Service Web site said the
Willow Flowage is at the action stage, which means the dam is open to prevent the
river from reaching the flooding stage. On the reservior side, plants are visible
underwater. According to the Wisconsin Valley Improvement Company Web site, just
6 months ago, the Willow Reservior was more than 10 feet below where it is now. The
Web site said that it is not the only reservior that is near capacity, the Rainbow
Reservior near Lake Tomahawk is also at capacity. Both reservoirs flow into the
Wisconsin River, where experts are urging people who live in any area near the river to
be cautious.
Source: http://www.wjfw.com/print_story.html?SKU=20100923212726
67. September 21, Tampa Tribune – (Florida) Pasco sues Tampa engineers over
reservoir costs. Pasco County, Florida, is suing a Tampa, Florida engineering firm to
recover some of the millions of dollars in cost overruns it spent building a sinkholeplagued reservoir in Land O’ Lakes. King Engineering led development of a county
reclaimed-water reservoir on Parkway Boulevard. The project ran into problems after
crews found sinkholes beneath the reservoir’s southern end. The sinkholes posed a risk
to the earthen berm meant to hold back as much as 100 million of gallons of irrigation
water. State water regulators forced the county to build the reservoir to reduce
irrigation demands on groundwater supplies. The Southwest Florida Water
Management District contributed more than $4 million to the project. Compensating for
the sinkholes by adding a liner, building an extra berm and pumping concrete into the
ground nearly tripled the cost of the project. What began as a $14.8-million project cost
the county more than $22 million. Additional engineering costs pushed the final tally
closer to $25 million. The county’s lawsuit, filed September 9, does not specify how
much it hopes to recoup. At a September 21 commission meeting, a commissioner put
the amount at $14 million. Commissioners have spent about $125,000 since 2007
investigating problems with the reservoir and have budgeted another $50,000 for legal
fees.
Source: http://www2.tbo.com/content/2010/sep/21/221320/pasco-suing-tampaengineers-over-cost-overruns/news-breaking/
[Return to top]
- 26 -
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily
Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site:
http://www.dhs.gov/iaipdailyreport
Contact Information
Content and Suggestions:
Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at 703-872-2267
Subscribe to the Distribution List:
Visit the DHS Daily Open Source Infrastructure Report and follow
instructions to Get e-mail updates when this information changes.
Removal from Distribution List:
Send mail to support@govdelivery.com.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at nicc@dhs.gov or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit
their Web page at www.us-cert.gov.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source
material.
- 27 -