Current Nationwide Threat Level Homeland Security ELEVATED Daily Open Source Infrastructure Report for 4 June 2009 Significant Risk of Terrorist Attacks For information, click here: http://www.dhs.gov Top Stories According to the Columbus Dispatch, federal and local investigators say an arsonist set a fire that caused an estimated $5 million to $10 million in damage last week to a manufacturing plant in Hilliard, Ohio. The facility housed HighCom Security and Wolfden Products. (See item 10) IDG News Service reports that as many as 40,000 Web sites have been hacked to redirect unwitting victims to another Web site that tries to infect PCs with malicious software, according to security vendor Websense. (See item 35) Fast Jump Menu PRODUCTION INDUSTRIES ● Energy ● Chemical ● Nuclear Reactors, Materials and Waste ● Critical Manufacturing ● Defense Industrial Base ● Dams Sector SERVICE INDUSTRIES ● Banking and Finance ● Transportation ● Postal and Shipping ● Information Technology ● Communications ● Commercial Facilities SUSTENANCE AND HEALTH ● Agriculture and Food FEDERAL AND STATE ● Government Facilities ● Water Sector ● Emergency Services ● Public Health and Healthcare ● National Monuments and Icons Energy Sector Current Electricity Sector Threat Alert Levels: Physical: ELEVATED, Cyber: ELEVATED Scale: LOW, GUARDED, ELEVATED, HIGH, SEVERE [Source: ISAC for the Electricity Sector (ES−ISAC) − [http://www.esisac.com] 1. June 3, Reuters – (International) Shell extends Bonny Light & Forcados force majeures. Royal Dutch Shell said on Wednesday its Nigerian joint venture had extended force majeures on Bonny Light and Forcados crude to include oil exports for June. A Shell spokesman from The Hague said the extension came following a revision -1- to a pipeline repair schedule due to the security situation in the area. Source: http://www.reuters.com/article/rbssEnergyNews/idUSL3103434520090603 2. June 2, Reuters – (Wisconsin) Murphy restarting WI refinery after power failure. Oil Co is restarting its 35,000-barrel-per-day Superior, Wisconsin, refinery after a power outage the morning of June 2, a spokesman said. The refinery was hit with a brief power outage lasting about 30 minutes, a spokesman said. He said he could not provide a timeline for the refinery’s return to full rates but said with the restart under way, it should be “not before long.” Source: http://www.reuters.com/article/rbssEnergyNews/idUSN0251538820090602 3. June 1, The Register – (Texas) Feds quiz former worker over Texas power plant hack. A former employee at a Texas power utility was arrested late last week over accusations he crippled its energy forecast system after launching a hacking attack. FBI agents made the arrest on May 28 after raiding the home of a former worker at Energy Future Holdings (EFH). EFH owns three Texas electricity generating outfits that run facilities including the Comanche Peak nuclear power plant. The worker was dismissed back in March over allegations he failed to pull his weight at work. Hours after the nonotice sacking, the worker’s VPN access account (which was left active) was allegedly used to log into the corporate intranet before modifying and deleting files. Proprietary company information was also transferred to a personal webmail account linked to the worker, investigators further allege. Emails sent to engineers at the Comanche Peak nuclear reactor during this hack questioned the safety of the reactor if the load were to be “increased to 99.7 percent of capacity.” The worker’s role included controlling the management of EFH power generation facilities, including the Comanche Peak reactor. He faces accusations that the hacking attack he allegedly carried out created a threat to public health or safety. However, charges detailed so far only involve less serious charges that his actions crippled an energy forecast system for a day back on 4 March, specifically an Excel file, leaving EFH unable to sell excess capacity and resulting in losses of $26,000. This type of an attack would not lead to an outage much less imperil plant safety, a control system security expert told Wired. “The people in Texas aren’t going to see their lights flicker as a result of this. This is an economic issue,” the expert said. Source: http://www.theregister.co.uk/2009/06/01/texas_power_plant_hack [Return to top] Chemical Industry Sector 4. June 3, Door County Advocate – (Wisconsin) Cause of chemical spill identified. A nail from a pallet punctured a 15-gallon drum of hydrochloric acid during transit, causing a chemical spill that shut down seven businesses in Sturgeon Bay’s industrial park May 28. The acid reacted to chemicals previously spilled on the wooden floor of the semitrailer, said the Sturgeon Bay fire chief, causing the plume of smoke when the semi door was opened. The truck was sealed when a driver from Premier Trucking, Bridgeview, Illinois, picked up the shipment of pool chemicals from Champion Packaging in Woodridge, Illinois, and delivered them to the wholesaler, Warner-Wexel -2- LLC on Jib Street in Sturgeon Bay. The driver was not aware of the spill until opening the back door of the semi to unload. The truck was carrying large quantities of both hypochlorite solution and hydrochloric acid that can be deadly when mixed. The incident resolved with no injuries. The scene was cleared later that afternoon with the help of hazardous materials specialists from Veolia. Source: http://www.greenbaypressgazette.com/article/20090603/ADV01/906030447&located=R SS 5. June 2, Greenwich Time – (Connecticut) Greenwich public safety officials conduct hazmat drills. The town of Greenwich held its first full-scale hazardous materials training on June 2. In the drill, a truck filled with dangerous chemicals stopped near the Greenwich Civic Center, and one man was knocked unconscious by powerful white smoke that began filling the area, prompting a combined response from fire, GEMS and police. “This gave us the opportunity to test the inter-agency operations,” said the deputy chief, a 13-year veteran of the fire department who oversees the department’s hazardous materials team. “It also put to the test the new civilian dispatch center. They threw us a couple of curve balls, but I thought it went well.” He supervised the drill, directing the various public safety agencies on how to respond during the scenario, which involved rescuing two of the truck’s passengers and stabilizing the vehicle full of dangerous chemicals, that if combined, could become combustible. Suited up in the most protective hazmat suits available, several firefighters pretended to handle extremely lethal chemicals, while GEMS and police protected the scene and aided the fire department. The drill, being re-enacted four times the week of June 1, was conducted by the Massapequa, New York-based Safety Consulting Group led by a New York City firefighter and hazmat specialist. Each department had several of its own vehicles at the scene, and the truck used in the drill was donated for the week by the Cos Cob moving company Callahan Brothers Inc. Source: http://www.greenwichtime.com/ci_12505383?source=most_viewed [Return to top] Nuclear Reactors, Materials, and Waste Sector 6. June 3, Midland Reporter-Telegram – (Texas; National) Waste Control Specialists to begin storing waste from Tennessee company. Waste Control Specialists LLC (WCS) said on June 2 that it will begin storing low-level radioactive waste from Studsvik Inc., an Erwin, Tennessee-based waste processor. Interim storage at WCS’ facility in Andrews County, Texas of this thermally processed Class B and Class C low-level radioactive waste will greatly reduce the risk and administrative burden of generators when compared to the use of multiple storage facilities across the United States, a news release said. “Studsvik provides a valuable national service because its process transforms the low-level radioactive waste into a safer form for storage and ultimate disposal. At the same time, Studsvik’s processing reduces the volume of low-level radioactive waste by more than 80 percent, which allows for the efficient use of valuable landfill space,” the WCS president said. “WCS is proud to participate in this innovative program to increase the safety and to reduce the volume of low-level radioactive waste.” -3- Waste Control is still awaiting a permanent waste disposal license from the Texas Commission on Environmental Quality. While the interim storage of the Studsvik material is authorized under WCS’ storage license, the Texas Low-Level Radioactive Waste Compact Commission must approve any permanent disposal of the material at the Compact waste disposal facility in Andrews, the release said. Source: http://www.mywesttexas.com/articles/2009/06/03/news/top_stories/waste_control_acce pting_waste.txt 7. June 3, Knoxville News Sentinel – (Tennessee) Officials say no radioactive material spilled. A spokesman with the Tennessee Emergency Management Agency (TEMA) said Tuesday there was no spill of radioactive material at the Yellow Freight Roadway trucking terminal in West Knoxville, although he said the shielded sources of radioactive cobalt-60 did come loose from their transportation crate. He emphasized there was never a threat to public health or workers. There were various reports about radiation levels at the scene, but the TEMA spokesman and a spokeswoman for the Tennessee Division of Radiological Health both said Tuesday radiation levels never exceeded shipping standards set by the U.S. Department of Transportation. The incident occurred Monday night. Berthold Technologies, a German company with U.S. headquarters in Oak Ridge, was shipping several of the radioactive sources to a customer in the Midwest, according to the business unit manager in Oak Ridge. The manager said the radioactive cobalt pellets are contained in multiple layers of steel and lead shielding. Each of the basketball-sized containers weighs about 200 pounds. The TEMA spokesman said the containers were repackaged Tuesday in their carrier, and the shipment was allowed to continue. The spokeswoman for the Tennessee Division of Radiological Health said the state will evaluate the incident in conjunction with the U.S. Department of Transportation to determine if there were any violations. Berthold Technologies is licensed by the Tennessee Division of Radiological Health. Source: http://www.knoxnews.com/news/2009/jun/03/officials-say-no-radioactivematerial-spilled/ For more stories, see items 3 and 11 [Return to top] Critical Manufacturing Sector 8. June 2, Associated Press – (Georgia) Chemical fire at plant forces evacuation. Gwinnett County officials say a chemical fire in Norcross forced the evacuation of several businesses. The county fire captain says the fire broke out shortly after 1 p.m. on June 2 at Suniva, which makes solar cells. He says firefighters and members of a hazardous materials team decided to allow the chemicals to burn off. He says a half-mile evacuation zone was established, but a nearby apartment complex did not have to be evacuated. Source: http://www.wmbfnews.com/Global/story.asp?S=10467205&nav=menu675_2 9. June 1, Georgetown News-Graphic – (Kentucky) Fire at Toyota damaged wastewater -4- building. An early morning fire at Toyota Motor Manufacturing (TMMK) caused no injuries and did not interrupt the company’s production schedule. A spokesman for TMMK said the fire is suspected to have began in a sludge dryer at the wastewater building near Gate 4. The dryer is used as part of the overall waste management process. Georgetown Fire Department responded to the call along with TMMK’s fire department. The fire was completely extinguished by late morning. The extent of damage or exact cause is not known. Source: http://www.georgetownnews.com/articles/2009/06/01/breaking_news/doc4a23f762ddffa 783039636.txt For another story, see item 10 [Return to top] Defense Industrial Base Sector 10. June 2, Columbus Dispatch – (Ohio) Investigators: Hilliard fire was arson. Federal and local investigators say an arsonist set a fire that caused an estimated $5 million to $10 million in damage last week to a manufacturing plant in Hilliard. A spokeswoman for HighCom Security, which provides body armor and other equipment for police and the military, said her company’s portion of the facility had only been running for about a year, as its first manufacturing plant. The building also housed Wolfden Products, which makes fiber composites for military, automotive and industrial uses. State fire marshal investigators had called in the national response team of the Bureau of Alcohol, Tobacco, Firearms and Explosives to help inspect the 75,000-square-foot building. Source: http://www.columbusdispatch.com/live/content/local_news/stories/2009/06/02/arson.ht ml?sid=101 11. June 2, New York Times – (National) U.S. accidentally releases list of nuclear sites. The federal government mistakenly made public a 266-page report, its pages marked “highly confidential,” that gives detailed information about hundreds of the nation’s civilian nuclear sites and programs, including maps showing the precise locations of stockpiles of fuel for nuclear weapons. The publication of the document was revealed on June 1 in an online newsletter devoted to issues of federal secrecy. That set off a debate among nuclear experts about what dangers, if any, the disclosures posed. It also prompted a flurry of investigations in Washington into why the document had been made public. Several nuclear experts argued that any dangers from the disclosure were minimal, given that the general outlines of the most sensitive information were already known publicly. The information, considered confidential but not classified, was assembled for transmission later this year to the International Atomic Energy Agency. The report details the locations of hundreds of nuclear sites and activities. Each page is marked across the top “Highly Confidential Safeguards Sensitive” in capital letters, with the exception of pages that detailed additional information like site maps. The report lists many particulars about nuclear programs and facilities at the nation’s three nuclear weapons laboratories — Los Alamos, Livermore and Sandia — as well as dozens of -5- other federal and private nuclear sites. One of the most serious disclosures appears to center on the Oak Ridge National Laboratory in Tennessee, which houses the Y-12 National Security Complex. The report lists “Tube Vault 16, East Storage Array,” as a prospective site for nuclear inspection. It said the site, in Building 9720-5, contains highly enriched uranium for “long-term storage.” An attached map shows the exact location of Tube Vault 16 along a hallway and its orientation in relation to geographic north, although not its location in the Y-12 complex. Source: http://www.nytimes.com/2009/06/03/us/03nuke.html?ref=global-home [Return to top] Banking and Finance Sector 12. June 2, Wall Street Journal – (National) FBI director anticipates new crime wave of financial fraud. The Federal Bureau of Investigation is braced for a potential crime wave involving fraud and corruption related to bank bailout money and the economic stimulus package, the FBI director warned on June 2. “These funds are inherently vulnerable to bribery, fraud, conflicts of interest and collusion. There is an old adage, that where there is money to be made, fraud is not far behind, like bees to honey,” the director told an afternoon gathering of business executives. Given the trillions and trillions of dollars involved in the government’s current moves to stem the economic crisis, “from the purchase of troubled assets to improvements in infrastructure, health care, energy and education, even a small percentage of fraud would result in substantial taxpayer losses,” said the director. Source: http://online.wsj.com/article/BT-CO-20090602-716656.html 13. June 2, Bozeman Daily Chronicle – (Montana) Scam claims to be First Interstate Bank. Several Bozeman-area residents have reported receiving automated telephone calls from a company fraudulently representing itself as First Interstate Bank and asking them to provide their credit or bank card information. In the message, the company tells the resident that the security of their card has been compromised. The resident is then asked to supply their card number and personal identification number so that a new card can be issued. “If you receive one of these calls, do not give any information and do not return any phone calls,” states a scam alert issued on June 2 by the Bozeman Police Department. Local law enforcement officials are asking people who receive the fraudulent calls to contact police and their bank to verify if it needs any information. First Interstate Bank is aware of the scam and advises that they would not solicit any personal information via the telephone, Internet or e-mail. Source: http://www.bozemandailychronicle.com/articles/2009/06/03/news/50scam.txt 14. June 2, Associated Press – (National) Indictment: Colo scam raked in $10M from 15 states. Two men are accused of running a $10 million Ponzi scheme based in Colorado that bilked investors from 15 states and the U.S. Virgin Islands. The defendants are accused of talking dozens of people into investing in a scheme to buy and resell electronics and appliances. An indictment handed up on May 29 and made public on June 2 charges the defendants with counts of theft and securities fraud. The indictment lists victims in Arizona, California, Colorado, Connecticut, Florida, Georgia, -6- Massachusetts, Minnesota, New Mexico, New York, Ohio, South Carolina, Texas, Washington and Wisconsin and the U.S. Virgin Islands. The indictment alleges one of the defendants claimed to have a rare and valuable master purchase agreement with a major electronics manufacturer that would allow his company, Genius Inc., to buy in bulk for wholesale resale. No such agreement existed, and money from investors was used for personal expenses, gambling and payouts to other investors, according to the indictment. An investigation concluded only $100,000 was spent on electronics and appliance purchases from June 2005 to February 2008, during which millions were raised. Source: http://www.sfgate.com/cgibin/article.cgi?f=/n/a/2009/06/02/financial/f075450D92.DTL&type=business 15. June 2, U.S. Banker – (National) FDIC setting up Committee on Community Banking. The Federal Deposit Insurance Corp.’s board of directors voted last week to create the FDIC Advisory Committee on Community Banking. Calling community banks the “lifeblood of our nation’s financial system,” the FDIC chairman said the committee “will get direct and frequent input on many issues from a cross-section of community bankers nationwide.” The chairman of the Independent Community Bankers of America and president and chief executive officer of Easton Bank praised the creation of the committee. In a public statement on May 29 he said the group will offer advice on issues such as the “latest examination policies and procedures, deposit insurance assessments and regulatory compliance matters.” Insurance coverage and credit and lending practices will also be on the agenda. Another topic on the table may well be consolidation, as the FDIC and the industry continue to face the highest level of bank failures in decades, although that prospect was not addressed by either party. “Across the U.S. right now there are still a fair number of community and regional banks with significant problems,” says a partner in Bryan Cave’s Atlanta office and a member of the law firm’s financial institutions team. Source: http://www.americanbanker.com/usb_article.html?id=20090602HP4UJM1U [Return to top] Transportation Sector 16. June 3, Associated Press – (International) Air France: False bomb threat in Buenos Aires. An Air France spokesman says the airline received a bomb threat for a flight from Buenos Aires, Argentina to Paris on May 27, but that warning proved to be false. A spokesman June 1 that an Air France agency in Buenos Aires received an anonymous phone call threatening Flight 415. He said the plane, a Boeing 777, was checked by security services who found no explosive devices and the plane was allowed to leave the Argentine capital. France’s defense minister said “we have no signs so far” of terrorism regarding the Airbus A330 plane flown by Air France that disappeared May 31 after leaving Rio de Janeiro for Paris. He said all hypotheses must be studied. A Pentagon official also said there was no indication of terrorism. Source: http://www.google.com/hostednews/ap/article/ALeqM5j8pDGy-kO3v1m6ZGkCD_J94us6QD98J980O1 -7- 17. June 2, Associated Press – (California) Flight leaves LA after nearly 3-day delay. A China Eastern Airlines flight to Shanghai finally left Los Angeles International Airport on June 2 after a delay of nearly three days that stranded 279 passengers, officials said. The flight aboard an Airbus 340-600 was scheduled to leave May 31, but was canceled after the pilot saw a light come on indicating a problem with the nose landing gear, said a manager of the airline’s local office. Passengers told the Los Angeles Times they were on the plane for several hours before the pilot canceled the flight. They said they reboarded on June 1 and sat inside for an hour on the tarmac before being told to get off again. The manager said it took some time for mechanics to diagnose the problem, and they thought they had resolved the issue on June 1. The plane had pushed back from the gate when the light came on again, forcing the pilot to cancel a second time. They found they needed more time to find a rare part to fix the warning light. “We couldn’t locate the part anywhere in the U.S.,” he said. “Usually carriers don’t have this as a spare part.” On June 2, the airline flew in a mechanic and the part from Shanghai. “Safety is of utmost importance, we don’t make any compromises on that issue,” he said. Source: http://www.mercurynews.com/breakingnews/ci_12507453 18. June 2, WSFB 3 Hartford – (New York) Train service resumes after investigation. The Rye Rail Station on the New Haven line was closed at noon June 2 while officials investigated a suspicious package. Metro North officials said a suspicious package was found on a platform just before 11 p.m. at the station in Rye, New York Metro North shut down the entire line from Manhattan to New Haven, holding all of the trains at Grand Central Station. “We left Grand Central, stopped at New Rochelle, and they made an announcement saying there was going to be a delay,” a rider said. The package ended up being a torque converter, which is an engine part from an automobile transmission, police said. Metro North said it did not belong to any of its crews. They said they are investigating who left it there and why. Members of the bomb squad were called to the station. Source: http://www.wfsb.com/travelgetaways/19633468/detail.html 19. June 2, Charlotte Observer – (North Carolina) Planes on Charlotte runway nearly collide. A Charlotte air traffic controller is under scrutiny after two planes nearly collided on a runway May 29 and came to rest 10 feet apart. The CRJ-200 regional jet was cleared for takeoff and rolling down runway 18L when a Pilatus PC-12 turbo-prop aircraft, also cleared to move onto the runway, entered at an intersection. The airport’s ground-collision alert system warned controllers, and the regional jet’s takeoff was aborted by the tower. No one was hurt in the incident. The 50-seat jet was carrying 42 passengers and three crew members and headed to New Bern. A spokeswoman for the Federal Aviation Administration said the error came from an air traffic controller and not from the pilots or crew members. Source: http://www.charlotteobserver.com/597/story/759460.html For more stories, see items 4, 7, 32, and 40 [Return to top] -8- Postal and Shipping Sector 20. June 2, Quad City Times – (Iowa) Suspicious envelope at Iowa judicial building harmless. A suspicious envelope that brought a hazardous materials crew to the state’s judicial branch building in Des Moines Tuesday morning turned out to be harmless. A lieutenant with the Iowa State Patrol said the package contained something that looked like crumpled up toilet paper in a sealed container. The hazard materials crew removed the item, tested it and found it posed no danger, the lieutenant said. The lieutenant said the package had never been intended for the judicial building and had been addressed to another courthouse, possibly in Virginia. However, the package had a return address of Iowa’s judicial building, which houses the Iowa Supreme Court. When the package did not have the proper postage, it was sent to the return address. The state patrol continues to investigate the matter along with federal authorities. Source: http://www.qctimes.com/news/local/article_8a51b4ce-4fad-11de-9669001cc4c002e0.html 21. June 1, Middletown Press – (Connecticut) Investigation continues into mailbox bomb incident. Police are continuing to search for clues in connection with a bottle-bomb incident outside a Middletown, Connecticut, residence early Saturday morning. At the same time as they continue to pursue clues into the incident, police are also suggesting the episode was “just random. The initial supposition is that the device was the work of children. Source: http://www.middletownpress.com/articles/2009/06/01/news/doc4a249a800c36d1339197 78.txt [Return to top] Agriculture and Food Sector 22. June 3, Associated Press – (Washington) Fire burns 3 buildings, chickens at Stanwood farm. A three-alarm fire has destroyed three large buildings and killed thousands of chickens at a poultry farm near Stanwood, Washington. Firefighters estimate the damage at $2.2 million. The fire broke out around midnight on June 2 and about 60 firefighters from several districts battled the fire through the early morning hours. Tanker trucks had to bring in water. The three buildings — each about 60 feet wide and 600 feet long — burned to the ground with chickens inside. Source: http://www.cattlenetwork.com/top40_Content.asp?ContentID=319656 23. June 2, U.S. Food Safety and Inspection Service – (Oregon; Washington) Oregon firm recalls ground beef products due to possible E. coli O157:H7 contamination. SP Provisions, a Portland, Oregon, establishment is recalling approximately 39,973 pounds of ground beef products that may be contaminated with E. coli O157:H7, the U.S. Department of Agriculture’s Food Safety and Inspection Service (FSIS) announced on June 2. Each identifying case code is preceded by the date code “040809” through “052809,” signifying the production date in “month/date/year” format, i.e. April 8, 2009 -9- through May 28, 2009. Additionally, each product bears the establishment number “EST. 2866” inside the USDA mark of inspection. These ground beef products were produced on various dates from April 8, 2009 through May 28, 2009, and were distributed to retail establishments as well as hotels, restaurants and institutions in Oregon and Washington. The products, produced from the same source material, were sent into commerce prior to May 29, 2009. The problem was discovered through FSIS microbiological sampling. FSIS has received no reports of illnesses associated with consumption of these products. Source: http://www.fsis.usda.gov/News_&_Events/Recall_027_2009_Release/index.asp [Return to top] Water Sector 24. June 2, U.S. Environmental Protection Agency – (Maryland; National) EPA announces $121.6 million recovery act funds for water infrastructure projects in Maryland to boost economy, create jobs and protect public health. In a move that stands to create jobs, boost local economies, improve aging water infrastructure, and protect human health and the environment for the people in the State of Maryland, the U.S. Environmental Protection Agency (EPA) has awarded over $121.6 million to the Maryland Department of the Environment. An unprecedented $6 billion dollars will be awarded to fund water and wastewater infrastructure projects across the country under the Recovery Act in the form of low-interest loans, principal forgiveness and grants. At least 20 percent of the funds provided under the Recovery Act are to be used for green infrastructure, water and energy efficiency improvements and other environmentally innovative projects. Source: http://yosemite.epa.gov/opa/admpress.nsf/0/E13DA3BA4959DCDD852575C90057C1D 7 25. June 2, Water Technology Online – (National) Proposed bill addresses utilities’ chemical security. The American Water Works Association (AWWA) legislative director reported May 28 that two House committees are drafting legislation on chemical facility security that would significantly affect drinking water utilities. The proposed legislation, expected to be introduced in June, would require drinking water utilities to develop — and then update every five years — vulnerability assessments, site security plans and emergency response plans. According to the director, the current law that established a federal security program for facilities manufacturing, using or storing potentially hazardous chemicals, including chlorine gas, is set to expire at the end of September. Drinking water and wastewater utilities currently are exempt from such law. He said a key point of contention between the drinking water community and congressional staff the past year has been the issue of “inherently safer technologies (IST),” now titled “methods to reduce the consequences of a chemical release from an intentional act.” Congressional staff has said the primary chemical they are targeting is gaseous chlorine. According to the director, “AWWA strongly believes that the choice of chemicals or processes should remain a local decision because the choice of disinfectants is based on local water chemistry, local environmental factors, the targeted - 10 - pathogens, plant worker safety and similar factors.” Source: http://watertechonline.com/news.asp?N_ID=72001 26. June 1, Las Vegas Review-Journal – (Nevada) Lake level trigger for pipeline project. For the first time, the Southern Nevada Water Authority has established a direct link between its multibillion-dollar pipeline project and the shrinking water level at Lake Mead. If Lake Mead’s elevation falls another 23 feet, the water authority board will be asked to give the official go-ahead to construct the pipeline. The lake trigger is the newest addition to the authority’s Water Resource Plan, which plots how the valley’s wholesale water supplier expects to keep local taps running amid unprecedented drought on the Colorado. Board members have already approved the pipeline concept and signed off on ongoing efforts to secure water rights and environmental permits, but they have never actually voted to build the project. That decision will come if, or perhaps when, the surface of Lake Mead sinks to elevation 1,075, a low-water mark not seen since 1937 when the reservoir was being filled for the first time. The Water authority general manager does not know when the trigger point might be reached. Current projections by the U.S. Bureau of Reclamation call for Lake Mead to remain above 1,075 for the next two years at least. The closest it is expected to come is in July, when the reservoir is projected to slip below elevation 1,092 for the first time since March 1965. The problem, the manager said, is that bureau projections are based on average flow, and the Colorado has been anything but average over the past 10 years. Source: http://www.lvrj.com/news/46614562.html 27. May 31, Newsday – (New York) Tab for Jones Beach water tower fix doubles to $6.1m. A massive project to repair the crumbling brick and rusted steel of the historic Jones Beach water tower will cost $6.1 million — nearly twice as much as originally budgeted — and take at least four months longer than expected. Unanticipated damage to the steel frame, caused by years of water and salt air, could not be seen immediately, park officials said. “After they removed the concrete and brick encasement around some of the structural steel, they found severe corrosion,” said the regional director of the state Office of Parks, Recreation and Historic Preservation. Once the problem was uncovered, he said, work halted from January until this month. And the steel problem cannot be addressed until the state attorney general and comptroller approve a $2.9million change order to expand the scope of the contract. The work had been scheduled to be completed in September. “We don’t know what the ultimate date will be until we get the contract approved,” he said. He said the deterioration so far has had no impact on supplying water to the park from the 300,000-gallon water tank inside the tower. Source: http://www.newsday.com/business/nylipark0112815181may31,0,6134932.story For another story, see item 9 [Return to top] Public Health and Healthcare Sector 28. June 3, Xinhua – (International) WHO getting closer to declaring A/H1N1 pandemic, - 11 - says official. As the A/H1N1 flu virus spreads further around the world, the World Health Organization (WHO) is getting closer to declaring a full pandemic, a senior official of the UN agency said on Tuesday. “Globally we believe that we are at phase 5, but we are getting closer to phase 6,” said WHO’s assistant director-general, referring to the WHO’s six-phase pandemic alert system. The new virus is causing more and more infections in countries outside of North America, notably in Britain, Spain, Japan, Australia and Chile. According to the WHO’s current pandemic alert system, phase 6 will mean the A/H1N1 flu virus causes sustained and community-level human-to-human transmission in regions outside of North America, so far the only region where community-level outbreak has been confirmed. So far the virus has caused nearly 19,000 cases of infections in 64 countries and regions, including 117 deaths, the WHO said. Source: http://news.xinhuanet.com/english/2009-06/03/content_11477546.htm [Return to top] Government Facilities Sector 29. June 3, Associated Press – (North Carolina) Police arrest juvenile in NC school threat. A North Carolina student faces a felony charge after police said the student wrote a bomb threat on a bathroom wall. Multiple media outlets report that the Morehead City Police Department charged the juvenile with making a false report about a destructive device. A police spokesman said the student was in a juvenile holding facility. The student’s name has not been released. Police said the student admitted making the threat Tuesday that closed Morehead City Middle School. Source: http://www.newsobserver.com/1565/story/1553636.html 30. June 2, Softpedia – (National) FBI network shut down because of computer virus. The Federal Bureau of Investigation was confronted with a cyber-security incident last week when a virus penetrated its unclassified network. The unnamed threat prompted technicians to shut down the network and the e-mail system associated with it for 48 hours. In an official statement posted on its website, the FBI attempts to clarify what it claims are “factual errors and inaccuracies” in media reports regarding the incident. While the Bureau does not negate the security breach, it stresses that only its unclassified network was affected. Furthermore, it explains that it was not the virus that caused the network shutdown, but FBI’s own technicians, who were trying to contain the issue and address it. Source: http://news.softpedia.com/news/FBI-Network-Shut-Down-Because-ofComputer-Virus-113139.shtml 31. June 2, Chicago Tribune – (Illinois) Powder at Gutierrez’ office a false alarm. A suspicious powder that prompted a brief evacuation of the building that houses a U.S. Representative’s Chicago office proved to be sawdust and pencil shavings, a Fire Department spokesman said. Officials Tuesday morning evacuated the building at 2201 W. North Ave. after a suspicious package arrived. Firefighters and police officers were called to the scene about 9 a.m. Tenants received the all clear to return after about 15 minutes. A press release later issued by the congressman said a letter sent with the - 12 - sawdust and shavings contained “hateful language and terms derogatory to Latinos.” The Representative said officials turned the matter over to federal authorities. Source: http://www.chicagobreakingnews.com/2009/06/powder-leads-to-evacuation-ingutierrez-building.html For more stories, see items 11 and 20 [Return to top] Emergency Services Sector 32. June 3, Honolulu Advertiser – (Hawaii) $6.9 million grant will go toward new rescue facility. The U.S. Department of Transportation has awarded the state a $6.9 million grant to build a new aircraft rescue and firefighting facility at the Moloka’i Airport. State airport officials said the current facility is aging and stands in violation of a number of federal safety guidelines, including its location. The new facility will be built in a safer, more open area next to the airport’s air traffic control tower. Once completed, the facility will feature a two-fire truck garage with room for the storage of fire and rescue equipment. The building will also be equipped with an emergency generator. Source: http://www.honoluluadvertiser.com/article/20090603/NEWS25/906030361/+$6.9+milli on+grant+will+go+toward+new+rescue+facility 33. June 2, WLKY 32 Louisville – (Kentucky) Emergency first responders evaluate derailment response. Louisville’s emergency first responders train for mass casualty incidents like Monday’s train derailment at the Louisville Zoo. Tuesday, officials said that training paid off. “I think it was a uniquely smooth operation,” said the EMS director. When the call went out, Metro EMS sent nine ambulances to the scene, with the first arriving in just four minutes. He said his office also received mutual aid from several private ambulance companies. “In 30 minutes flat, we were able to evaluate, stabilize and move 20 people off the scene,” he said. “That’s remarkable when that can happen at any scene at any disaster in any city in the world.” The EMS director said his office plans to hold debriefing meetings with other first responders and hospitals to discuss what worked and what did not about Monday’s response. For example, he said his staff encountered problems with 2-way radio reception because of the zoo’s terrain. He said that required employees to run information back and forth to each other. Plans to update the city’s radio system could eliminate that issue in the future. Source: http://www.wlky.com/news/19639159/detail.html 34. June 2, East Valley Tribune – (Arizona) Mesa unable to track 911 response times. Mesa, Arizona, has no way to track whether its ambulance provider is responding to life-threatening emergency calls as required under a contract between the city and the company. A city audit released last week found that neither Mesa Fire Department dispatchers nor Southwest Ambulance has the ability to consistently log the types of emergency calls coming into the system or the responses to those calls. The result is “data inaccuracies prevented us from assessing Southwest Ambulance’s compliance with the contract’s primary performance measure, which is response time to 911 calls,” - 13 - the report states. Mesa has a three-year contract, until 2010, with Southwest Ambulance, a private ambulance provider. For serious emergencies, Southwest Ambulance must arrive within nine minutes of being dispatched at least 90 percent of the time. Such calls represent less than 5 percent of all calls, but these are critical calls, because they “often involve patient survival,” the report adds. Mesa fire department officials have responded to the audit, saying they are already working on rectifying these issues in conjunction with Southwest Ambulance. Source: http://www.eastvalleytribune.com/story/139914 For another story, see item 5 [Return to top] Information Technology 35. June 2, IDG News Service – (International) Thousands of Web sites stung by mass hacking attack. As many as 40,000 Web sites have been hacked to redirect unwitting victims to another Web site that tries to infect PCs with malicious software, according to security vendor Websense. The affected sites have been hacked to host JavaScript code that directs people to a fake Google Analytics Web site, which provides data for Web site owners on a site’s usage, then to another bad site, said the threat research manager for Websense. Those Web sites have likely been hacked via a SQL injection attack, in which improperly configured Web applications accept malicious data and get hacked, the researcher said. Another possibility is that the FTP credentials for the sites have somehow been obtained by hackers, giving them access to the inner workings of the site. It appears the hackers are using automated tools to seek out vulnerable Web sites, the researcher said. The latest campaign underscores the success hackers have at hosting dangerous code on poorly secured Web sites. Once a user has been directed to the bogus Google analytics site, it redirects again to another malicious domain. That site tests to see if the PC has software vulnerabilities in either Microsoft Corp.’s Internet Explorer browser or Firefox that can be exploited in order to deliver malware, the researcher said. If it does not find a problem there, it will launch a fake warning saying the computer is infected with malware and then try to get the user to willingly download a program that purports to be security software but is actually a Trojan downloader, he said. The fake security programs are often called “scareware” and do not work as advertised. As of May 29, only four of 39 security software programs could detect that Trojan, although that is now likely changed as vendors such as Websense swap malware samples with other companies in order to improve overall Internet security. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxono myName=security&articleId=9133820&taxonomyId=17&intsrc=kc_top See also: http://news.cnet.com/8301-1009_3-10255226-83.html 36. June 2, eWeek – (International) Apple patches QuickTime, updates iTunes. Apple has issued a slew of critical patches for its QuickTime media player and updated the digital media application iTunes. Version 7.6.2 of QuickTime received the majority of patches, targeted at patching holes that allow maliciously crafted files to perform unexpected - 14 - application terminations or arbitrary code executions. The iTunes upgraded software now supports iPhone and iPod touch with the iPhone’s 3.0 software update, and Version 8.2 also includes “many accessibility improvements and bug fixes,” according to Apple. In March, Apple announced that iPhone firmware Version 3.0 was due to be released in mid-2009. One QuickTime patch fixes a memory corruption issue that existed in the player’s handling of Sorenson 3 video files, while another addressed the issue of a heap buffer overflow existing in the handling of FLC compression files. Eight of the patches concern Apple and Microsoft operating systems, and two patches address vulnerabilities found only in Microsoft Vista and XP versions. The update is the second this year for QuickTime; the first, issued in January, fixes seven security vulnerabilities. Microsoft noted in a security report published in 2008 that, in the first half of 2008, a QuickTime flaw had been the third-most attacked vulnerability for Windows XP users and the fourth-most attacked for Vista customers. Source: http://www.eweek.com/c/a/Midmarket/Apple-Patches-QuickTime-UpdatesiTunes-415256/ See also: http://elitestv.com/pub/2009/06/iphone-and-ipod-touch-are-vulnerable-tohackers-and-new-viruses Internet Alert Dashboard To report cyber infrastructure incidents or to request information, please contact US−CERT at soc@us−cert.gov or visit their Website: http://www.us-cert.gov. Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and Analysis Center) Website: https://www.it-isac.org/. [Return to top] Communications Sector 37. June 3, Daily Times – (Virginia) Broadband cables to be placed. The Eastern Shore of Virginia Broadband Authority announced this week that it has completed an easement purchase agreement with Canonie Atlantic Company and Cassatt Management LLC (Bay Coast Railroad) for placement of a fiber optic cable along the railroad immediately. Installation along the railway corridor is part of the network backbone, or the “super highway” of the high-speed network. The first phase of the broadband initiative, which places the fiber optic cable across the Chesapeake Bay Bridge-Tunnel, is nearing completion, officials said in a prepared release. The goal of the authority is to provide the most affordable, technologically up-to-date broadband Internet service possible for all residents, businesses and institutions on Virginia’s Eastern Shore; and to provide very high-speed access, said the interim executive director of the authority. Source: http://www.delmarvanow.com/article/20090603/ESN02/906030385 38. June 2, Tampa Bay Business Journal – (Florida) AT&T activates Pasco, Hernando cell towers. AT&T has activated three new cell sites in Pasco and Hernando counties. The new sites are among nearly 100 AT&T plans to add in Florida this year. The Hernando County cell site, located on U.S. 19 north of the Forest Oaks Boulevard intersection, is providing additional wireless coverage in northern Spring Hill and along - 15 - U.S. 19 just south of Weeki Wachee. In northwestern Pasco County, a new cell site on Antler Lane is just east of the Suncoast Parkway/Veterans Expressway and north of the Shady Hills Road exit. It is boosting coverage in Shady Hills and eastern Spring Hill, the company said. Another new cell site is near County Line Road and Meadow Pointe Boulevard in Wesley Chapel and that is expanding coverage in the Meadow Pointe subdivision, according to a release. The new Hernando and Pasco county cell sites are part of AT&T’s continued expansion of its high-speed, third-generation network. AT&T announced late May that it would be upgrading its network with the goal of increasing speed. Those upgrades are slated to begin later this year for completion expected in 2011. Source: http://www.bizjournals.com/tampabay/stories/2009/06/01/daily24.html 39. June 1, Techworld – (International) Servers crash after data center overheats. The spate of hot weather in the United Kingdom claimed a notable scalp after a London data center experienced a cooling failure, which caused several servers to overheat and crash. The Braham Street data center, located in the City of London, and owned by Level 3 Communications, experienced a chiller failure on May 31 when one of the five units designed to cool the data centre failed. “The faulty chiller is currently being repaired, and the other chillers continue to operate at the facility,” he added. “Customers are being informed of the issue.” Techworld understands that the data center itself continued to run as usual with no downtime, but that several servers within the data center itself overheated and crashed. Although the outside temperature on May 31 in that area peaked at a high of 23 degrees Celsius (73 degrees Fahrenheit), the internal temperatures within the data centre soared to an estimated 50 degrees Celsius (122 degrees Fahrenheit) by 7 p.m. in the evening. Typically, data centers aim to run at anywhere from 18 to 25 degrees Celsius (64 to 77 degrees Fahrenheit). These soaring temperatures claimed at least one victim, bringing down servers belonging to the music service Last.fm, for five hours approximately. Source: http://www.techworld.com/news/index.cfm?RSS&NewsID=116766 [Return to top] Commercial Facilities Sector 40. June 3, San Francisco Chronicle – (National) S.F. startup protects from airborne attack. A San Francisco startup endorsed by a former Homeland Security Secretary has begun marketing a system designed to protect a building’s ventilation system in the case of an airborne chemical, radiological or biological attack. Building Protection Systems Inc. developed technology that can automatically shut down an air intake system three seconds after detecting a toxic substance. The system also is designed to give building managers and emergency workers detailed information about the substance. The former Secretary, who recently signed on as a senior adviser to the firm, said in a telephone interview that the system would help plug a major vulnerability for office buildings and could be used for other public areas such as transportation systems. The system has received a Qualified Anti-Terrorist Technology designation from the Homeland Security Department. The system can be programmed to call police and fire agencies and tell emergency personnel responding to the scene what the substance is and whether - 16 - building occupants need to be evacuated or stay inside. The firm is also developing a portable system for a West Coast police agency that could be used at major events. Another system is being developed for public transit. Source: http://www.sfgate.com/cgibin/article.cgi?f=/c/a/2009/06/02/BUFD17VM49.DTL&type=tech For more stories, see items 5, 31, and 33 [Return to top] National Monuments & Icons Sector See item 27 [Return to top] Dams Sector 41. June 3, Seattle Times – (Washington) “Broken” communication between dam operator and local governments exacerbated Pacific flood. Communication breakdowns between emergency personnel at the local and federal level and a lack of awareness about changes in the depth of the White River led to $15 million in flood damage in Pacific in January, according to a report released on June 2. The Army Corps of Engineers, which produced the report, also said it did not know how bad the flooding was for almost a day, in part, because “no sense of emergency was communicated at any level” after it released water from Mud Mountain Dam into the White River. The corps met in January to review its response to the January 8 flood, which damaged 112 homes and 10 businesses in Pacific, a city of 6,000 in South King County. King County’s Office of Emergency Management did not write its own “after-action report” on lessons learned because it participated in the corps’ review, a spokeswoman said. As a result of discussions with the corps, the county emergency office has updated its emergencycontact lists to ensure it has correct phone numbers for other agencies and for people who requested notification when flood conditions are predicted, a spokeswoman said. At the time of the flooding, no one from the corps was in the county’s Emergency Coordinating Center, and the phone contact the county had was for a corps employee working on flooding in Snohomish County. The corps of engineers’ report said the White River had lost 6 feet of depth — about 30 percent of its capacity — at one location below the Mud Mountain Dam. But the corps was unaware the river had become more shallow in recent years, so it miscalculated the amount of water it could release from the dam without causing serious flooding downstream, the report said. The miscalculation was due largely to a lack of reliable gauges along the river. Source: http://seattletimes.nwsource.com/html/localnews/2009293098_pacific03m0.html [Return to top] - 17 - DHS Daily Open Source Infrastructure Report Contact Information About the reports − The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open−source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Website: http://www.dhs.gov/iaipdailyreport Contact Information Content and Suggestions: Send mail to NICCReports@dhs.gov or contact the DHS Daily Report Team at (202) 312-3421 Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes. Removal from Distribution List: Send mail to support@govdelivery.com. Contact DHS To report physical infrastructure incidents or to request information, please contact the National Infrastructure Coordinating Center at nicc@dhs.gov or (202) 282−9201. To report cyber infrastructure incidents or to request information, please contact US−CERT at soc@us−cert.gov or visit their Web page at www.us-cert.gov. Department of Homeland Security Disclaimer The DHS Daily Open Source Infrastructure Report is a non−commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material. - 18 -