Current Nationwide Threat Level Homeland Security ELEVATED Daily Open Source Infrastructure Report for 24 August 2009 Significant Risk of Terrorist Attacks For information, click here: http://www.dhs.gov Top Stories XETV 6 San Diego reports that a 300-gallon propane tank exploded on August 20 at John Lenore Company, a beverage distributing company, in San Diego, California. The explosion caused a fire which forced 50 people living in a one-mile radius to evacuate their homes. (See item 18) According to NBC Bay Area, arson investigators are investigating a car fire on August 20 near the Oakland, California home of the president of the entire University of California system, who has been the target of recent protests related to tuition hikes and employee furloughs approved to offset UC’s budget deficit. (See item 31) Fast Jump Menu PRODUCTION INDUSTRIES ● Energy ● Chemical ● Nuclear Reactors, Materials and Waste ● Critical Manufacturing ● Defense Industrial Base ● Dams Sector SERVICE INDUSTRIES ● Banking and Finance ● Transportation ● Postal and Shipping ● Information Technology ● Communications ● Commercial Facilities SUSTENANCE AND HEALTH ● Agriculture and Food FEDERAL AND STATE ● Government Facilities ● Water Sector ● Emergency Services ● Public Health and Healthcare ● National Monuments and Icons Energy Sector Current Electricity Sector Threat Alert Levels: Physical: ELEVATED, Cyber: ELEVATED Scale: LOW, GUARDED, ELEVATED, HIGH, SEVERE [Source: ISAC for the Electricity Sector (ES−ISAC) − [http://www.esisac.com] 1. August 21, EnergyCurrent – (International) PTTEP responding to oil, gas leak on jackup West Atlas. All 69 people aboard Seadrill jackup West Atlas have been evacuated following an oil and gas leak on August 21. The rig was drilling on the -1- Montara field offshore Australia in the Timor Sea at the time of the incident. PTTEP Australasia, the operator of the development, has activated its emergency management procedures and authorities have been notified. The size of the spill is not known. Approximately 40 barrels of oil were discharged from the wellhead in the initial incident. Since then, condensate has been discharged via the gas stream at pressure. Weather in the area is calm. Source: http://www.energycurrent.com/index.php?id=2&storyid=20149 2. August 20, KTTH 770 Seattle – (Washington) Fuel spill in Seattle train collision. Crews have contained a 1,000 gallon diesel spill after two train cars collided in Seattle. “We were performing a routine switching operation and apparently a string of cars somehow started moving and made contact with two idle locomotives that were sitting on an adjacent yard track,” said a spokesperson for Burlington Northern Santa Fe Railway. Two cars containing particle board were derailed and fell into a leaning position. A fuel tank on one of the locomotives ruptured in the collision at the rail yard. The state Ecology Department says the spill was contained at the scene and did not reach drains or nearby Elliott Bay. The collision did not impact switching in the rail yard or traffic on the mainline. Source: http://www.mynorthwest.com/?nid=11&sid=203136 3. August 20, U.S. Environmental Protection Agency – (Connecticut; Massachusetts) 3 facilities agree to pay penalties totaling $226,132 for oil spill planning failures. Three southern New England facilities that store over a million gallons of oil each agreed to pay penalties for failing to take adequate precaution to prevent and contain oil spills. Specifically, EPA alleges that the following oil storage facilities had failed to adequately prepare and maintain Spill Prevention, Control, and Countermeasure plans and/or Facility Response Plans: DDLC Energy of New London, Connecticut; Taylor Energy of Broad Brook, Connecticut; and Northeast Products Co. Inc. of Fall River, Massachusetts. Every year, thousands of gallons of oil are spilled from large and small oil storage facilities, polluting New England waters. The plans are critical to ensuring that such spills are prevented and, if they do occur, adequately addressed. Source: http://yosemite.epa.gov/opa/admpress.nsf/0/F13730F0083C2ADB852576180057AF58 4. August 20, Business Green – (California) LA applies for $200m smart grid stimulus funding. The largest urban utility company in the United States has become the latest in a long line to apply for federal government stimulus funding to speed up the creation of a smart metering system for use by its domestic customers. The Los Angeles Department of Water and Power (LADWP) is seeking $200m, the maximum financing available to it under the American Recovery and Reinvestment Act, to help finance its ambitious smart grid plans. In May 2008, LADWP, which has 1.4 million customers, submitted proposals to the California Energy Commission for a smart grid, which would lead to the deployment of 100,000 two-way smart meters and a further 1.3 million oneway devices over five years. Meanwhile, the utility has already installed smart meters from SmartSynch at commercial and industrial customer sites in order to analyze energy -2- consumption patterns and establish peak demand times to minimize brown-outs. Source: http://www.businessgreen.com/business-green/news/2248152/la-applies-200msnart-grid For more stories, see items 44 and 46 [Return to top] Chemical Industry Sector 5. August 20, WLOX 13 Pascagoula – (Mississippi) First Chemical fined for Pascagoula explosion. First Chemical Corp has agreed to pay $731,000 in civil penalties to the federal government. The fine is the result of a settlement of a Clean Air Act violation claim stemming from an explosion at the Pascagoula plant back in October 2002. The claim said that 1,200 pounds of an extremely hazardous chemical was released during the blast and that company failed to meet the general duty requirement. In a statement, First Chemical said since the time of the incident DuPont has acquired the Pascagoula site, and implemented safeguards and process safety systems to prevent such an incident from happening again. In addition, the company said it has worked with the Chemical Safety Board to share what it has learned from this incident to help prevent similar incidents at other chemical plants worldwide. Source: http://www.wlox.com/Global/story.asp?S=10965828 [Return to top] Nuclear Reactors, Materials, and Waste Sector Nothing to report [Return to top] Critical Manufacturing Sector 6. August 21, FOX News – (National) Volkswagen, Audi issue reportedly recall thousands of vehicles. Volkswagen and Audi are reportedly recalling 16,000 new vehicles due to transmission problems causing them to lose power or completely stall. Government officials have been investigating the problem since July 17, ABC News’ “Good Morning America” reports. The affected vehicles utilize a new type of transmission called a direct shift gearbox (DSG), and in some cases, have stranded motorists amid fast-moving traffic. “You’re in motion, but all of a sudden you don’t have any acceleration,” said a woman from California. “The gas wouldn’t work.” An employee of the nonprofit Center for Auto Safety said the problem is a “classic” safety hazard. “Consumers are being stranded on freeways,” he said. “It’s only a matter of time before we have consumers being killed.” Volkswagen says it has not received any reports of injuries or deaths. In a joint statement to “Good Morning America,” Volkswagen and Audi said the problem is caused by faulty temperature sensors, affecting 13,500 Volkswagen models and 2,500 Audi models. “We are confident that the -3- temperature sensor is the cause of this safety issue,” the statement read. Source: http://www.foxnews.com/story/0,2933,541327,00.html?test=latestnews 7. August 20, Aviation Week – (International) EASA wants pitot changes within four months. EASA is firming up a proposal for an airworthiness directive that it published the week of August 10, which will give operators of Airbus A330s and A340s just four months to replace Thales Avionics pitot probes. It previously aimed to issue a directive requiring carriers to replace at least two Thales probes on A330s and A340s with Goodrich ones, because, according to EASA, Thales pitot probes appear to have “greater susceptibility” to adverse weather conditions during flights at high altitude than Goodrich probes. Thales has developed a new ‘BA’ type probe to replace its older ‘AA’ probes which, EASA says, has improved airspeed indication behavior on A320s. It is therefore a potential replacement on A330s and A340s. However, EASA warns that the BA probe has not yet demonstrated the same level of robustness to withstand high altitude ice crystals as the Goodrich ‘0851HL’ probe. No other probes are approved on the A330 and A340. Under EASA’s proposed directive, carriers operating A340s and A330s equipped with Thales probes will be required to replace at least two probes per aircraft — be they AA or BA types — with Goodrich probes at positions 1 and 3. Any Thales probe retained at position 2, says EASA, must be a BA type. That said, all three probes could be replaced with the Goodrich type, but all replacements must be completed within four months of the (yet to be decided) effective date of the directive. EASA adds that this directive is a precautionary measure, as airspeed discrepancies could result in auto-thrust and autopilot disconnection and a reversion to “alternate” flight law on the Airbus aircraft, as well as a possible reduction in control. Source: http://www.aviationweek.com/aw/generic/story.jsp?id=news/pit8209.xml&headline=EA SA 8. August 18, Kearney Hub – (Nebraska) Man pleads guilty to Nov. bomb threat at Tenneco. A man pleaded guilty to a charge of threatening the use of an explosive device November 4 at the Tenneco Automotive plant in Cozad. The charge in Dawson County District Court is a Class IV felony carrying a sentence of up to five years in prison. The judge ordered a presentence report by the State Probation Department and set sentencing for October 23. In the bomb threat case, the man was identified by authorities from a security camera at a Cozad service station. A Tenneco employee said she heard a man’s voice say a bomb had been placed in the plant. The call was received just before the noon hour. The plant was closed and employees were dismissed for the day. In addition to the terroristic threats charge he pled to, he faced five other charges from that incident that were dismissed as part of the plea agreement. The dismissed charges included false arrest, strangulation, third-degree assault and being a felon in possession of a firearm. Source: http://kearneyhub.com/news/local/article_bf0bc32e-8c1d-11de-93a9001cc4c03286.html [Return to top] Defense Industrial Base Sector -4- 9. August 21, Navy Times – (National) New Va.-class sub construction problem. Weapons-handling gear aboard four Virginia-class attack submarines was improperly assembled by workers at Northrop Grumman’s Newport News shipyard, the latest manufacturing problem at the Virginia facility. The problem affects the North Carolina, New Mexico, Missouri and California, Naval Sea Systems Command (NAVSEA) confirmed. Uncorrected, the problems could disable the weapons room, according to the Navy. At issue are fasteners: the nuts and bolts that hold together the tracks for the sophisticated handling system in each submarine’s weapons, or torpedo, room. Yard workers at General Dynamics Electric Boat in Groton, Connecticut, discovered the mechanical quality issue in early August while working on the Missouri. After notifying Northrop Grumman Shipbuilding — which shares equally in building the Virginia-class submarines — GD, as the prime contractor for the program, notified the Navy on August 6. Of the four affected submarines, only one, the North Carolina, is in service, having been accepted by the Navy in February 2008 and commissioned in May 2008. The New Mexico’s crew moved aboard for the first time July 28 and the submarine is in the final stages of completion at Newport News. The Missouri is set to be launched later this year at Electric Boat, and Newport News held a keel-laying ceremony for the California this past May. According to the Navy and Northrop Grumman, no problems were found on another submarine, New Hampshire, which was delivered by Electric Boat in August 2008. The shipbuilders are continuing to investigate the problem, and are to provide “a combined assessment of the issue to the Navy within two weeks,” according to the NAVSEA statement. Source: http://www.navytimes.com/news/2009/08/navy_DN082009_sub_problem_web/ 10. August 21, Knoxville News Sentinel – (Tennessee) Y-12 guard suspended for having recording device. The government’s security contractor at the Y-12 nuclear weapons plant confirmed August 20 that a guard had been suspended for bringing a recording device into the high-security facility. “A security police officer at Y-12 was found to have a micro-tape recorder in his possession during a random search by a Protective Force supervisor,” a spokeswoman for Wackenhut Services Inc., said. “The device did not contain either a tape or batteries.” She said the incident was “reported to the proper authorities” and is also being investigated by Wackenhut. “Upon conclusion of the investigation, appropriate action will be taken by WSI,” she said. Recording devices are forbidden inside the Oak Ridge facility, where weapons parts are manufactured and classified information is kept. 11. Source: http://www.knoxnews.com/news/2009/aug/21/y-12-guard-suspended-forhaving-recording-device/ 12. August 19, Online Defense and Acquisition Journal – (National) Troubled STSS readies for launch. Northrop Grumman employees will be holding their breath around September 15 when a rocket lifts a new generation of space sensors into orbit. That launch will carry two demonstration satellites of a $1.4 billion program known as the Space Tracking and Surveillance System. Given how long the program has been in gestation — more than a decade, after having been canceled once before — there is almost no hope of building more STSS birds. A new program would have to be started and this is a difficult time to get any new program approved by the Pentagon. STSS will -5- provide capabilities the U.S. does not have now. The two satellites will be able, from their low earth orbit, to give missileers a “stereo” view of a cold missile flying through space. That means the U.S. could shoot one missile at the incoming threat, see if it hits and then ready another strike with much higher confidence than is currently possible, said the sector VP for Northrop’s information systems. The entire program was publicly criticized for lousy quality control by the director of the Missile Defense Agency. Testifying before the House Armed Services Committee, he said May 21 more than half of his agency’s $152 million budget overrun in 2008 was due to STSS. The former STSS program manager, who is now Northrop’s VP for military space systems, said that they had had problems with a “box” supplied by a subcontractor, among several technical issues they faced. Because the subcontractor no longer did any military business, Northrop had to open up the box and reverse engineer it to figure out what was causing the problem and then fixed it. That sort of work eats up tremendous numbers of very expensive man hours. Source: http://www.dodbuzz.com/2009/08/19/troubled-stss-readies-for-launch/ [Return to top] Banking and Finance Sector 13. August 21, HedgeCo.net – (National) SEC halts phony investment fund by San Diego fraudster. The Securities and Exchange Commission on August 20 received permission to freeze the assets of a fraudster who allegedly raised as much as $70 million from 300 investors though his fund, MAK 1 Enterprises Group, LLC. The SEC says he solicited investors in Southern California and several other states, as well as a charitable foundation, through word-of-mouth referrals and a website. The defendant claimed to pool investor funds to invest in commercial paper, foreign currency trading products, and other investments, which the SEC believes to be non-existent. Instead, he misused investor funds to pay for several luxury cars and residential properties, including those now owned by his wife, who was also named as a relief defendant. The complaint alleges the fraudster fabricated and gave to an accountant a “screen shot” of MAK 1’s online banking activity purporting to show a balance of over $50 million in its bank account, in reality, the average daily balance in that account never exceeded $197,000. Source: http://www.hedgeco.net/news/08/2009/sec-halts-phony-investment-fund-bysan-diego-fraudster.html 14. August 20, The Register – (International) Security bugs crawl all over financial giant’s website. For the past five months, a website for investment services giant Ameriprise Financial contained bugs that allowed even low-level criminals to inject malicious content into official company webpages and steal user’s cookies, according to a web security expert. The XSS, or cross-site scripting, flaws made it possible for phishers to send Ameriprise customers bona fide links to the Ameriprise website that opened pages that intermingled counterfeit content with legitimate text and graphics. The holes could also allow criminals to steal browser cookies used to authenticate online accounts. In the five months since a researcher of HolisticInfoSec.org first identified the bugs, Ameriprise offered customers statements like this one, which assures visitors that “no one without the proper web browser configuration can view or modify information -6- contained on our systems.” And yet, not one of the half-dozen warnings the researcher sent were answered. “The reality is that not enough of these companies at that level, particularly in the financial sector, properly do intake for vulnerabilities,” said the researcher. “There should be something on their site that says ‘If you see a security issue on our site, please report it.’” Source: http://www.theregister.co.uk/2009/08/20/ameriprise_website_vulnerabilities/ [Return to top] Transportation Sector 15. August 20, Dallas Morning News – (Texas) Naked, unruly passenger removed from Las Vegas-bound Southwest flight. A Southwest Airlines flight from Oakland, Texas bound for Las Vegas turned back Thursday after a male passenger exposed himself, became unruly, and eventually removed all his clothes. According to the summary from the Federal Aviation Administration, Southwest flight 943 was headed to Las Vegas when a male passenger exposed himself to a female passenger. He then struck a different female passenger, and was restrained by other passengers on the flight. He was not done, however. The summary says the passenger became unruly and got naked, at which time he was subdued again by crew and other passengers and restrained either in the galley area of the aircraft or the lavatory. The Southwest pilot chose to return to Oakland to have the passenger removed by law enforcement. The struck female passenger was treated by medical officials and was not seriously injured. Source: http://www.dallasnews.com/sharedcontent/dws/bus/industries/airlines/stories/0821dnbus southwest.fc7a869b.html 16. August 19, Washington Post – (District of Columbia; Maryland) Man charged for threatening to bomb several Metro stations. An area man was arrested Tuesday and charged with threatening to blow up multiple Metro stations in Washington and Maryland, authorities said. Metro Transit Police detectives said they think the man made calls from January to July, claiming that he had explosives, from several train stations in the District and Prince George’s and Montgomery counties. The man, who is in custody, was charged by a federal grand jury with five counts of “willfully making a threat/maliciously conveying false information using fire and explosives.” He faces up to 10 years in prison. Source: http://www.washingtonpost.com/wpdyn/content/article/2009/08/19/AR2009081903186.html For more stories, see items 2, 27, and 47 [Return to top] Postal and Shipping Sector 17. August 21, KSBY 6 San Luis Obispo – (California) A threatening letter containing suspicious white powder; a suspect is arrested. Santa Barbara County Sheriff’s -7- detectives arrested a woman they say sent a threatening letter containing suspicious powder to a local office building. The county’s social services building in Goleta was evacuated the morning of August 14 after an employee discovered the letter. The substance inside turned out to be baby powder. After getting a tip that a woman who visited the building that day had returned on August 17, detectives arrested her. Source: http://www.ksby.com/Global/story.asp?S=10966734 [Return to top] Agriculture and Food Sector 18. August 21, XETV 6 San Diego – (California) 300-pound propane tank explodes at soda distributor. A 300-gallon propane tank exploded at a beverage distributing company Thursday afternoon in San Diego. It happened near the I-15 during rush hour traffic in Golden Hill and shut down part of the freeway for about an hour. The explosion caused a fire which forced several people living nearby to evacuate. Helicopters and fire trucks raced to the canyon setting of the John Lenore Company. At least 50 people living in a one-mile radius had to leave their homes. Firefighters say the tank explosion started parts of the building and the surrounding grass on fire. “When you have a propane tank burning, it’s going to be hot for a long time,” said the battalion chief with San Diego Fire. “It takes a long time to burn 300 pounds of propane.” Fire investigators are not sure why the tank exploded, but no one was injured. It is also unknown what type of health hazard the black smoke was to the area. Source: http://www.sandiego6.com/news/local/story/300-Pound-Propane-TankExplodes-at-Soda/nS1OsWkMZkC5KczAWiD8fA.cspx 19. August 20, Examiner – (Wisconsin) The blight with a passport. Tomatoes and potatoes both are in danger of harm from a highly contagious fungus bent on expanding its travel horizons. Potato fields in two Wisconsin counties — Portage and Columbia — have fallen victim to the infestation which is said to spread quickly with spores able to ride on a breeze for long distances. Both counties are among eight in the state confirmed as being badgered by the blight in tomatoes. Now it seems the fungus has added spuds to its travel itinerary. University of Wisconsin-Madison (UW) plant pathologists are working to officially confirm that the strains found recently in the Wisconsin potato fields are the same ones attacking tomatoes, but they expect their suspicions will hold true. The spore is known to have the ability to cross over from tomato to potato. The fungus comes from an infamous past is the same disease — commonly known as late blight — responsible for killing over a million people in the mid-1800s during the potato famine in Ireland. Growers in Wisconsin are on the lookout for the pale green spots on leaves that signal the blight’s arrival. Those little pale spots soon turn to brown and then to black and slimy, according to UW pathologists. Source: http://www.examiner.com/x-9392-Milwaukee-Sustainable-FoodExaminer%7Ey2009m8d20-The-Blight-with-a-Passport 20. August 20, Pondera Independent-Observer – (National) Cattle deaths looked into by EPA. Last April, a rancher from Brady, Montana noticed something wrong with some of his cattle. Some of his calves and even his mature cattle were getting sick. A few days -8- later they were dead. The cause of death was ruled as natural bovine illness, but the rancher believed that his livestock had been exposed to radiation. He had noticed his cows drinking pooled water from snow melt and decided to take water samples of the area. The results showed that the Gross Alpha Emitters in the pooled snow melt were 83.1 picocuries per liter, more than five times the human health standard. When local authorities found themselves unable to deal with the situation, a Montana senator contacted the U.S. Environmental Protection Agency (EPA) and asked them to look into the situation. The EPA reviewed the samples and came to the conclusion that the loss of livestock would not have been caused by the concentration of uranium, gross alpha, and gross beta in the livestock water supply, but recommended further investigation. The EPA explained further, “Near [the man’s] ranch are both Minutemen missile silos and oil fields. We are aware that previous use of solvents, degreasers, and drilling fluids at these types of operations elsewhere in the Rocky Mountain region has led to local groundwater contamination, and could potentially be similarly impacting groundwater in the area of [the] property. Therefore, within the scope of EPA’s emergency response site investigation and assessment authority, water samples from the area will be collected, analyzed, and the results will be shared with [the rancher] and others in the area.” Source: http://www.theindependentobserver.com/index.php?option=com_content&task=view&i d=1113&Itemid=1 21. August 20, WLUK 11 Madison – (Wisconsin) Emerald Ash Borer quarantine Brown and Kenosha Counties. The state is taking further measures to stop the spread of the Emerald Ash Borer. The Wisconsin Department of Agriculture says a quarantine on materials which could contain the insect will take effect in Brown and Kenosha Counties on Saturday, August 22. The order means people will not be able to take such things as firewood, ash logs and ash nursery stock from those counties without state approval. The tree killing emerald ash borer has been discovered in six Wisconsin counties: Brown, Crawford, Kenosha, Ozaukee, Vernon, and Washington. Source: http://www.fox11online.com/dpp/news/local/green_bay/news_wluk_emerald_ash_borer _200908201500_rev1 22. August 20, Pork Magazine – (International; Iowa) Russia bans Iowa pork plant. Russia has suspended imports of pork from the Pine Ridge Farms’ plant of Des Moines, Iowa, according to Meatingplace.com. The ban affects product produced on or after July 28 which is ineligible to export to Russia. According to the U.S. Department of Agriculture’s Food Safety and Inspection Service, the cause of the ban stems from the detection of salmonella. Source: http://www.porkmag.com/news_editorial.asp?pgID=675&ed_id=8056 For another story, see item 23 [Return to top] Water Sector -9- 23. August 21, Reuters – (Illinois) Tyson to pay $2 mln to settle wastewater violations. Tyson Fresh Meats Inc, the beef and pork unit of Tyson Foods Inc will pay a $2 million civil penalty to settle allegations in connection with wastewater discharges at its Dakota City, Nebraska, beef plant, U.S. justice and environmental agencies said in a statement. Tyson said it has cooperated with the state and federal regulators and has since fixed the plant’s wastewater system. The penalty stemmed from discharges into the Missouri River from July 2003 to March 2004 that contained excess levels of fecal coliform and nitrites. The nitrite levels caused “high levels of toxicity to aquatic life in the river,” the joint Justice Department and Environmental Protection Agency statement said. The pollution discharge levels exceeded amounts set in a 2002 decree with Tyson, the federal government, and the state of Nebraska. The beef plant, on average, discharges 5 million gallons of treated effluent into the Missouri River each day. Source: http://www.reuters.com/article/rbssConsumerGoodsAndRetailNews/idUSN2150247200 90821 24. August 21, Associated Press – (Alabama) Report: Water pollution violations nearly triple. A review by an environmental watchdog group has found that the number of Alabama facilities violating water pollution regulations has nearly tripled since 2006. The review also shows that enforcement by the state Department of Environmental Management dropped from 1,408 in 2006 to 22 in 2008. The reviewer is scheduled to present the findings August 21 to the Alabama Environmental Commission, which oversees the department. A department spokesman said the report is using statistics that “are not up-to-date.” Source: http://www.newsday.com/report-water-pollution-violations-nearly-triple1.1384529 25. August 20, Water Technology Online – (Texas) Every 51 minutes in Houston, a water main breaks. “Every 51 minutes, a water line in Houston goes bust,” reported local television’s 11 News on August 11 after doing a computer analysis of the previous 18 months of the city’s water main repair records. According to data generated by the city and analyzed by reporters, Houston’s Public Works Department spends about $20 million annually for its crews to repair up to 28 trouble spots a day along its 7,500 miles of aging underground pipes. In the last 18 months, Public Works crews have fixed 16,103 trouble spots, the reporters found, noting that as this summer’s drought continues, water system repairs have increased 32 percent. “This year has been really daunting to our crews,” the public works spokesman was quoted as saying by 11 News. The Houston mayor said the city is planning infrastructure replacement projects in some neighborhoods that are experiencing the most failures. Source: http://watertechonline.com/news.asp?N_ID=72448 26. August 20, Newark Star-Ledger – (New Jersey) Officials discuss security at Newark watershed property. Charlotteburg Reservoir in West Milford, New Jersey is the most secure of the Newark Watershed’s five reservoirs said the rural water bodies, which provide drinking water for the entire city of Newark and several nearby municipalities. State and local public safety officials say it could still be a target for terrorist attacks. - 10 - Charlotteburg is the one reservoir closed to the public; the other four allow fishing, hiking and boating. About 40 officials met in West Milford on August 19 to discuss possible threats. August 20 marked the first Target Hardening Response and Emergency Activation Team deployment on the Newark Watershed, a collaboration between state police and watershed officials to familiarize public safety officers with the 35,000-acre property. Sharing intelligence may not be new for protecting homeland security, but focusing it on a rural water source is unprecedented for the Newark Watershed, said the director of emergency management in Newark. Potential threats to the watershed range from contamination of the water to breaching the massive Charlotteburg Dam, which could send billions of gallons of water flooding as far south as New Brunswick. Source: http://www.nj.com/news/local/index.ssf/2009/08/watershed_security.html [Return to top] Public Health and Healthcare Sector 27. August 21, Associated Press – (New Jersey) 2 walk away from fiery small plane crash in NJ. Two men ferrying medical specimens walked away from a fiery small-plane crash on the morning of August 21at an airport, and emergency responders found them at a nearby bus stop, alert and conscious, but badly burned. Both men were taken to St. Barnabas Medical Center. The plane was carrying blood specimens for Quest Diagnostics, which is just down the street from the airport, when it crashed just after 3 a.m. while trying to land, police said. The aircraft carries medical specimens to a lab at Teterboro that serves the New York metropolitan area, said a Quest Diagnostics spokesman. He said the flight originated in Reading, Pennsylvania, and made stops in Hartford, Connecticut, Norwood, Massachusetts, and Pottstown, Pennsylvania. Source: http://www.google.com/hostednews/ap/article/ALeqM5j10WwBXvgmjz0dflGUVNNl3 wmflQD9A7B1UG0 28. August 20, Los Angeles Times – (National) Officials may recommend 3 flu shots. In a sign of heightened concern that the upcoming flu season could be severe, top national and local health officials warned Wednesday that employers should brace for worker absences and cautioned the public that as many as three shots this season may be needed to protect against the H1N1 strain and seasonal flu. In Washington, the Commerce Secretary urged that common sense take precedence over “the Puritan work ethic.” He joined two other Cabinet secretaries to tell business owners to prepare for losing key employees to swine flu for days at a time. Federal officials told employers to encourage hand washing and aggressively clean work areas and to send ill workers home at the first hint of flu symptoms, expecting that they will be out for three to five days. Source: http://www.latimes.com/news/local/la-me-swine-flu202009aug20,0,4256379.story [Return to top] Government Facilities Sector - 11 - 29. August 21, WAFF 48 Decatur – (Alabama) Homemade bomb discovered at Decatur school. Police and fire investigators are still trying to determine who put a homemade bomb on the campus of a Decatur middle school. The device was found August 19 at Cedar Ridge Middle School, but the situation was handled so quickly that many students were unaware that anything happened. “We went into what’s called a modified lockdown drill,” said the principal. “Some police officers had reported to us that they had been notified that there was a suspicious object on the back of the campus, and they wanted to investigate it,” she added. The lockdown was called off in about an hour after investigators determined the homemade bottle explosive found behind the school was not a threat. Source: http://www.waff.com/Global/story.asp?S=10966823 30. August 20, Associated Press – (District of Columbia) Federal building evacuated after small electrical explosion. Authorities say they have evacuated about 300 people from the U.S. Department of Health and Human Services building after a small electrical explosion. D.C. fire crews responded at 9:45 a.m. A spokesman said there was a small explosion in a penthouse mechanical room, involving a transformer associated with the air conditioning system. He says there was no fire and no one was injured. Officials evacuated the building as a precaution. Source: http://www.federalnewsradio.com/index.php?nid=27&sid=1744594 31. August 20, NBC Bay Area – (California) Car torched outside UC president’s home. Arson investigators are investigating a car fire in Oakland. The suspected arson is getting extra attention because it happened near the home of the president of the entire University of California system. The FBI and ATF were called to help in the investigation. The Alameda County sheriff said it appears some sort of accelerant was used in the fire. The car was parked across the street from where the president lives. Authorities are not saying who owns the vehicle, other than it is not the president, who was taken by car out of the area just before 9 a.m. Thursday, but did not talk to reporters. Nobody was hurt in the fire. An Oakland police spokesman said investigators are not yet calling the fire arson because they have not ruled out the possibility that an electrical problem caused the fire. The university president has been the target of recent protests related to tuition hikes and employee furloughs approved to offset UC’s budget deficit. Source: http://www.nbcbayarea.com/news/local-beat/Car-Torched-Outside-UCPresidents-Home-53805927.html For more stories, see items 17, 43, and 44 [Return to top] Emergency Services Sector 32. August 20, KOCO 5 Oklahoma City – (Oklahoma) Crews battle blaze at OKC fire station. Firefighters responded to a blaze at a northeast Oklahoma City fire station on Thursday. Heavy flames were found in the kitchen and porch at Fire Station No. 6. There have been no reports of injuries nor any word as to what caused the fire. - 12 - Investigators said the fire likely started in the kitchen, but no one was in there cooking at the time. The kitchen and the living quarters sustained heavy damage, but crews were able to save most of their equipment. Damage to the firehouse was estimated at $150,000. Source: http://www.koco.com/cnn-news/20481411/detail.html 33. August 20, Associated Press – (Nevada) Pilot killed in firefighting tanker crash in NV. An air tanker battling a wildfire crashed about 125 miles northeast of Reno on August 20, killing the pilot. A Bureau of Land Management spokesman says the pilot was taken to the Lovelock hospital, where he was pronounced dead. The pilot’s name was not immediately released. The National Transportation Safety Board was notified about the 4 p.m. crash. No structures were threatened by the fire. Source: http://www.mercurynews.com/breakingnews/ci_13172036?nclick_check=1&forced=tru e 34. August 20, KFQD 750 Anchorage – (Nevada) 2 arrests in vandalism of fire crew’s equipment. Kenai, Alaska, police say they have arrested two men found with one of several vehicles stolen during a looting rampage at a firefighters’ compound in the Palmer area. The arrests are the first in connection with the ransacking of the headquarters of the Pioneer Peak Hotshots, a crew of firefighters that travels around Alaska and the Lower 48 battling wildfires. Tens of thousands of dollars worth of firefighting equipment was looted, five vehicles were stolen and nearly 20 cars were broken into at the compound. Source: http://www.kfqd.com/node/5143 For another story, see item 38 [Return to top] Information Technology 35. August 21, The Register – (International) IM client library bug plagues Pidgin. Users of Pidgin and other alternative IM clients need to update their software following the discovery of potentially serious security flaws. Pidgin, Finch, Adium, Meebo, and Gaim are all vulnerable to a flaw that stems from a bug in Libpurple, library software for multi-protocol support that is used by many IM clients. The vulnerability stems from bugs in the software function that handles instant messages from the MSN network. The flaw was discovered by CORE Security. The flaw is particularly serious because all it takes to take advantage of the vulnerability is a message from a regular MSN user, not necessarily on a targeted user’s buddy list, the SANS Institute Internet Storm Centre warns. Users are advised to update to an IM client that uses non-vulnerable versions of Libpurple (version 2.5.9 or above). For Pidgin, the most common of the alternative IM packages affected, that means updating to version 2.5.9. The issue provides further evidence that users of alternative client software may remove themselves from the main line of attacks but not from the need to patch their systems. Source: http://www.theregister.co.uk/2009/08/21/im_client_security_update/ - 13 - 36. August 19, DarkReading – (International) Rare malware a hint of threats to come. While pervasive, widespread malware attacks like Conficker get all the attention, there is another generation of obscure and dangerous malware that so far is too rare to be considered a threat — but could provide a hint of things to come. Security researchers are seeing some intriguing malware in small pockets. One piece of malware found on a desktop machine during a forensics investigation was actually pre-coded to steal specific information from the victim’s organization, says the CEO and founder of HBGary, whose company sees about 5,000 new pieces of malware a day. “It knew what it was looking for,” he says. And the malware was disposable so that it could disappear without a trace after doing its dirty work. A common thread among most of these unusual or odd malware samples that typically fly under the radar is that they are all about going after specific information or data, rather than more general attacks that cast a wide net and make the headlines. And the writers of these lesser-known and uncommon malware packages are using new methods to keep the attacks alive longer — even if it means brazenly attacking researchers who try to study them. Even so, most attacks over the next five years will still come from the morphing malware variants that are common today, but in higher and higher volumes, experts say. “We’re going to have to deal with more volume and attacks. And at the same time, there will be instances of really high quality attacks, where the attackers have thought things through — and not for a quick buck, but for something sustainable,” says the chief security advisor for F-Secure. “We’ll see more malware families that are technically advanced and stay around for longer periods of time,” he says. “Instead of recompiling variants of existing [malware], they will be refined slowly but surely, in a controlled manner” with new features, as Conficker and Torpig were, he says. Source: http://www.darkreading.com/security/client/showArticle.jhtml?articleID=219400756 Internet Alert Dashboard To report cyber infrastructure incidents or to request information, please contact US−CERT at soc@us−cert.gov or visit their Website: http://www.us-cert.gov. Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and Analysis Center) Website: https://www.it-isac.org/. [Return to top] Communications Sector 37. August 21, TelecomTiger – (International) Tata Comm to offer built-in DDoS as part of Internet Access services in North America. Tata Communications announced that it will offer built-in Distributed Denial of Service (DDoS) detection and mitigation services as part of its Dedicated Internet Access offering in North America. Enterprises in the region will now be able to fend off DDoS attacks by the Managed Security Service of Tata Comm which will offer the services as part of its Internet Clean Pipe services. The Internet Clean Pipe service absorbs attacks the moment the attack traffic is detected on Tata Communications’ global IP backbone. Tata Comm is leveraging its - 14 - partnership with Arbor Networks for this service. The chief security officer of Arbor Networks said: “Recent incidents such as those involving social networking, government, and commercial targets over the past month should serve as a stark reminder to any Internet-connected organization that DDoS remains a very real threat, and if unprepared, may result in considerable business impact. With the scale and sophistication of attacks today, enterprises must cooperate with their network services provider to obtain adequate protection in the event of such attacks.” Source: http://www.telecomtiger.com/fullstory.aspx?passfrom=enterprisestory&storyid=6945 38. August 21, Albany Times-Union – (New York) Verizon criticized after outage at 911 center. Rensselaer County, New York, officials blame Verizon for the five-hour shutdown of the county’s Emergency 911 Dispatch Center on the night August 19. This was the third time since December that the county lost its emergency dispatch center, which handles most fire, police and ambulance calls in the county, due to a power failure in South Troy. Officials said Thursday Verizon knew its equipment serving the dispatch center was operating on a battery backup because of a power outage but never took steps to bring in a generator or alert the county of the situation. The battery failed after its four hours of capacity were used up, and emergency calls in the county were routed to the State Police and the East Greenbush Police Department, which are the backups when the county system fails. Source: http://www.timesunion.com/AspStories/story.asp?storyID=833545&category=REGION 39. August 20, AngryCountry.com – (Tennessee) Nashville’s 98 WSIX studios severely damaged by large lightning strike. Clear Channel/Nashville, which includes WSIX, was rocked by a lightning bolt that struck the cluster’s ST/L on August 20. The bolt knocked out power for a short time and fried equipment throughout the building. “Two studios toast, one on life support; computers, sound cards, phone system and more up in smoke,” the WSIX programming director posted on his Facebook page. “Our engineering team is great. All five stations are on the air and nobody got hurt.” WSIX was off-air for nearly an hour, however. Source: http://magazine.angrycountry.com/article.php?story=20090820191800665 [Return to top] Commercial Facilities Sector 40. August 21, Associated Press – (Michigan) Discovery of ammo prompts store evacuation. The building containing a Goodwill store in Houghton, Michigan was evacuated after a box of ammunition, believed to be from the World War II era, was discovered among other donated items Wednesday afternoon. A Michigan State Police bomb disposal unit removed the material from the building later Wednesday, and the store reopened Thursday. Authorities do not know who owned the ammunition or who left it at the Goodwill store. The box also contained a grenade with the pin still in it, although a hole had been drilled in the bottom and the ammunition appeared to have been defused. - 15 - Source: http://www.chicagotribune.com/news/chi-ap-miammodonation,0,3989801.story 41. August 21, WSBTV 2 Duluth – (Georgia) Fake bomb brings bomb squad to Gwinnett motel. The Gwinnett County police bomb squad was called out to a Duluth, Georgia hotel late Thursday night to investigate a suspicious package left outside a room. Guests at the LaQuinta Inn on Stephens Center Drive were told to stay inside their rooms while police investigated. The bomb squad used a robot to check out the suspicious device. Police said a motel guest left the suspicious package outside their door as a hoax. The hotel guest appeared to be drunk, according to investigators. Source: http://www.wsbtv.com/news/20489405/detail.html 42. August 20, Atlanticville News – (New Jersey) Investigation ongoing into synagogue bomb threats. Federal and local authorities are still seeking information about bomb threats that recently emptied three synagogues in Long Branch and Deal, New Jersey. According to the Deal Police Department, on August 4 at approximately 8:10 p.m. an anonymous telephone call was received reporting that bombs were about to explode in three local synagogues, according to a press release from the Monmouth County Prosecutor’s Office. The three synagogues the caller identified are the Synagogue of Deal, Congregation Brothers of Israel, and Ohel Simha Congregation, located on Park Avenue, also in Elberon, according to authorities. The Synagogue of Deal was one of two synagogues with connections to the international money laundering scandal that rocked the local Syrian Jewish community last month. All three synagogues were promptly evacuated and then searched by bomb squads from the New Jersey State Police and the Monmouth County Sheriff’s Office. No explosive devices were located and no one was injured as a result of the threat, according to the prosecutor’s office. A joint investigation into the threat is being conducted by the Monmouth County Prosecutor’s Office, the Long Branch Police Department and the Deal Police Department in conjunction with the FBI, the Monmouth County Office of Homeland Security, the New Jersey State Police and the Monmouth County Sheriff’s Office. Source: http://atlanticville.gmnews.com/news/2009/0820/front_page/014.html 43. August 20, Florida Today – (Florida) Bomb threat to Job Link closes BCC building. A bomb threat closed a building on Brevard Community College’s Titusville campus in Florida on Thursday. The threat was against a Job Link office, which is in the M. Earl Jones building and unaffiliated with the school. About four classes and 100 students are affected by the closure, said a BCC spokesman. All other classes on the campus are in session. The M. Earl Jones building is expected to reopen Friday. Caution was taken after an unemployed man called a compensation call center in Orlando Thursday and said he was going to blow up the nearest career center. The call was traced to Rockledge so law enforcement responded to Brevard Job Link offices. Source: http://www.floridatoday.com/article/20090820/BREAKINGNEWS/90820032/1006/NE WS01/Bomb+threat+to+Job+Link+closes+BCC+building+ 44. August 20, Associated Press – (National) Roofs, trees, cars bear brunt of Midwest - 16 - storms. Crews surveyed holes in schools, churches, and homes and cleared away toppled trees, downed power lines, and shattered glass on August 20, the day after tornadoes and severe storms marched through the Midwest. While the National Weather Service assessed how many tornadoes touched down from Minnesota to Indiana, insurance adjusters and building inspectors made the rounds, and utilities worked to restore power to tens of thousands of customers. By Thursday afternoon, tornadoes were confirmed in Iowa, Illinois, and Minnesota. More assessments were under way in those states as well as Indiana and Wisconsin. The storm damage at the North Branch Middle School in North Branch, Minnesota caused officials to call off the final day of summer school and ponder how they would handle the start of regular classes about two weeks from now. In northwestern Indiana, a school gymnasium in Chesterton was left open to the sky after high winds tore apart its roof. Nearby apartments and homes suffered similar damage. The Duneland schools superintendent said a glass atrium at Chesterton Middle School also was damaged and a few classrooms had minor water damage. In the tiny central Illinois village of Williamsville, a tornado there left only the steeple of the Williamsville Christian Church standing. Uprooted trees and fallen power lines were the main problem in western Wisconsin. Residential damage was the primary concern in Minneapolis, the most densely populated of the storm-struck areas. A tornado tore off part of a 90-year-old metal church steeple and left a hole in the roof of the city Convention Center, where the Evangelical Lutheran Church in America was holding its national convention. Source: http://www.krdo.com/Global/story.asp?S=10964852 [Return to top] National Monuments & Icons Sector 45. August 19, Associated Press – (Indiana) Damage to Indy monument worse than first thought. Officials say water damage caused by leaks atop the Soldiers and Sailors Monument in downtown Indianapolis is more extensive than originally thought. The discovery means repairs to the interior of the city landmark will take longer than expected and delay the start of exterior renovations by about a month. That exterior work had been set to start Friday and be completed by September 25. The brigade general of Indiana War Memorials says that work is now expected to begin September 20 and be finished by October 20. Water entered the monument through its observation deck and its “Liberty” statue, causing part of the internal support system to deteriorate. The monument sits at the center of downtown Indianapolis’ Monument Circle. Source: http://www.wndu.com/indiana/headlines/53675627.html [Return to top] Dams Sector 46. August 21, Agence France-Presse – (International) Militants claim Russia dam disaster. An Islamist group Friday claimed it carried out deadly attacks on the same day against Russia’s biggest hydroelectric power station and a police station in the Caucasus that left dozens dead. Russian investigators strongly denied the claim by Riyadus - 17 - Salikhiin, a militant group with roots in Chechnya, that it had hit the power station as part of a new campaign of “economic war” in Russia. The claim was posted on a rebel website, Kavkazcenter.com, which said it received a statement by email. There was no way to check the veracity but Russian officials said Monday’s tragedy at Russia’s biggest hydroelectric plant was caused by a technical fault and there was no evidence of an attack. “Russian security service explosives experts have found no trace of explosive material at the site of the accident,” said a spokesman for the investigative committee of the state prosecutor. The rebel statement said militants had carried out an attack at the power plant in southern Siberia by placing an anti-tank grenade in the turbine hall on a timer and later detonating it. Russia’s prime minister, on a visit to the plant Friday, indicated that 75 people had been killed in the accident, which according to investigators took place when a massive flood engulfed the main turbine hall. Source: http://news.yahoo.com/s/afp/20090821/wl_afp/russiaenergyaccidentcaucasusunrest 47. August 20, Walla Walla Union-Bulletin – (Washington) Lock repair funds OK’d. Funds to keep river traffic flowing through the Lower Monumental Dam navigation lock are in the works. A U.S. Senator announced that $14 million to repair the downstream lock have been included in the American Recovery and Reinvestment Act. The task will employ an estimated 523 people, according to the U.S. Army Corps of Engineers, which operates the facility. In recent years, inspections of the gate revealed structural fatigue and required annual welding repairs to continue reliable operations. Last year, more than 1,000 recreational and commercial vessels were locked past the dam. Commercial vessels transported almost 2.2 million tons of commodities through the facility, which is near Kahlotus on the Snake River. Project managers anticipate installation of the new gate will take about 13-16 weeks and the work is being planned to occur during late 2010 to early 2011. Source: http://www.unionbulletin.com/articles/2009/08/20/local_news/090820local05damrepairs.txt [Return to top] - 18 - DHS Daily Open Source Infrastructure Report Contact Information About the reports − The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open−source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Website: http://www.dhs.gov/iaipdailyreport Contact Information Content and Suggestions: Send mail to NICCReports@dhs.gov or contact the DHS Daily Report Team at (202) 312-3421 Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes. Removal from Distribution List: Send mail to support@govdelivery.com. Contact DHS To report physical infrastructure incidents or to request information, please contact the National Infrastructure Coordinating Center at nicc@dhs.gov or (202) 282−9201. To report cyber infrastructure incidents or to request information, please contact US−CERT at soc@us−cert.gov or visit their Web page at www.us-cert.gov. Department of Homeland Security Disclaimer The DHS Daily Open Source Infrastructure Report is a non−commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material. - 19 -