Learning Center
Plans & pricing Sign in
Sign Out



									                          Homeland                                                               Current Nationwide
                                                                                                    Threat Level

                          Security                                                        Significant Risk of Terrorist Attacks
                          Daily Open Source Infrastructure                                For information, click here:
                          Report for 24 September 2010                          

Top Stories
        According to the Charleston Daily Mail, executives from the DuPont plant in Belle, West
         Virginia indicated that more than 160,000 pounds of methanol liquid was dumped into the
         Kanawha River over a 24-hour period. (See item 9)
        Associated Press reports that a man shot and wounded three people at Americold Logistics,
         a cold-storage facility in Crete, Nebraska, where he worked, before apparently shooting
         and killing himself September 22, authorities said. (See item 29)

                                                 Fast Jump Menu
          PRODUCTION INDUSTRIES                                     SERVICE INDUSTRIES
          • Energy                                                  • Banking and Finance
          • Chemical                                                • Transportation
          • Nuclear Reactors, Materials and Waste                   • Postal and Shipping
          • Critical Manufacturing                                  • Information Technology
          • Defense Industrial Base                                 • Communications
          • Dams                                                    • Commercial Facilities
          SUSTENANCE and HEALTH                                     FEDERAL and STATE
          • Agriculture and Food                                    • Government Facilities
          • Water                                                   • Emergency Services
          • Public Health and Healthcare                            • National Monuments and Icons

Energy Sector
              Current Electricity Sector Threat Alert Levels: Physical: ELEVATED,
              Cyber: ELEVATED
              Scale: LOW, GUARDED, ELEVATED, HIGH, SEVERE [Source: ISAC for the Electricity Sector (ES-ISAC) -

         1. September 23, Pittsburgh Tribune-Review – (Pennsylvania) Series of explosions
            rattles Oakland. A construction crew in Oakland, Pennsylvania struck an underground
            electrical line and caused a series of small explosions September 22, leaving a swath of
            the neighborhood without power for several hours. No one was injured. Officials closed
            Fifth Avenue between Craft Avenue and Robinson Street near Carlow University as a
            precaution while they made sure a nearby natural gas line had not been ruptured as

   well, said a Pittsburgh fire battalion chief. A Duquesne Light spokesman said about
   1,500 customers in Oakland lost electricity for nearly 3 hours. A contractor in a small
   backhoe was completing preparations to demolish the former Three Rivers Health and
   Fitness Center when he struck the 23,000-volt power line at about 2:30 p.m., causing
   three explosive flashes, according to Duquesne Light crews. A 6-inch gas line owned
   by Peoples Natural Gas was not affected.

2. September 23, Battle Creek Enquirer – (Michigan) Agency OK’S pipeline
   restart. Federal regulators have approved a restart plan for Enbridge Inc.’s pipeline
   which ruptured July 26 and spilled 819,000 gallons of oil into a Kalamazoo River
   tributary in Michigan. In a news release September 22, the U.S. Department of
   Transportation’s Pipeline and Hazardous Materials Safety Administration said
   Enbridge can begin a gradual restart of its Line 6B, a pipeline that failed 2 months ago
   and caused the spill near Marshall. Oil from that spill reached the Kalamazoo and
   stretched through Battle Creek. An Enbridge spokeswoman said the company still must
   fulfill some notification obligations before it can start the flow of oil again. The
   regulator didn’t say exactly when oil would be flowing again, but said the company
   must assess the safety of the pipeline within 2 weeks, and has 180 days to repair several
   problems found in previous inspections of Line 6B. On July 15, just days before the
   leak happened, Enbridge had requested a two-and-a-half-year extension to repair 154
   known problems in Line 6B found since at least 2009. That request was denied. With
   news that Enbridge knew about problems in Line 6B before the leak happened, news of
   a dent found in an Enbridge pipeline near Port Huron and another recent Enbridge leak
   near Chicago — coupled with the ongoing BP oil spill in the Gulf of Mexico — some
   local officials are worried the government may not be able to say the pipeline is safe.

3. September 23, Pittsburgh Post-Gazette – (Pennsylvania) Storm’s damaging winds
   wreak havoc. An intense storm September 22 toppled trees and power lines across
   Pittsburgh, Pennsylvania leaving more than 82,000 households and businesses in the
   area without power. At its peak, Duquesne Light reported 52,000 customers were
   without power. Allegheny Power said 14,000 of its customers in Washington County
   and an additional 16,000 in Westmoreland County were in the dark. The city public
   works director said crews were working to remove about 40 downed trees and branches
   across the city. About half involved branches that fell on power lines.

4. September 22, Central Valley Business Times – (National) California senators call for
   tougher pipeline standards. Legislation to strengthen oversight of the nation’s
   pipelines and increase the penalties for violations of federal pipeline safety regulations
   is being authored by California’s two U.S. Senators. “The tragic explosion in San
   Bruno makes clear why we must increase inspections of our nation’s pipelines,” said a
   Democratic Senator from California. “This measure will put more inspectors to work

                     protecting our communities while setting tougher penalties for safety violations.” The
                     bill would improve the nation’s pipelines by: Doubling the number of Federal pipeline
                     safety inspectors. Requiring deployment of electronic valves capable of automatically
                     shutting off the gas in a fire or other emergency. Mandating inspections by “smart pigs”
                     –- small robotic devices that inspect the insides of pipelines. Prohibiting natural gas
                     pipelines from operating at high pressure if they cannot be inspected using the most
                     effective inspection technology. Prioritizing old pipelines in seismic areas for the
                     highest level of safety oversight.

                  5. September 21, Associated Press – (Arkansas) OSHA cites safety lapses at
                     Smackover, Ark., plant. An oil refinery located in Smackover, Arkansas, owned by a
                     Texas company has been cited by the Occupational Safety and Health Administration
                     (OSHA) for lapses in safety measures at the plant, with proposed fines totaling
                     $165,600. A news release from OSHA September 21 said the Martin Operating
                     Partnership LP plant, owned by Martin Midstream Partners LP based at Kilgore, Texas,
                     employs about 65 workers in producing naphthenic crude oil. According to the release,
                     the Martin plant at Smackover is accused of 1 willful and 21 serious violations of
                     health and safety regulations. The release said the alleged willful violation was failure
                     to maintain safety information on various pressure vessels used at the plant. The other
                     violations cite alleged failures to keep and maintain certain documents relating to
                     safety, to develop an emergency rescue process, and to provide personal protective
                     equipment, including respiratory gear.

[Return to top]

Chemical Industry Sector

                  6. September 23, Charleston Daily Mail – (West Virginia) Bayer agrees to pay
                     settlement. Bayer CropScience agreed to pay the state Department of Environmental
                     Protection (DEP) nearly half a million dollars to settle several alleged violations at its
                     plant in Institute, West Virginia over the past year. The $460,000 settlement,
                     announced September 22, does not involve the August 2008 explosion at the plant.
                     “These agreements resolve a backlog with the agency and cumulatively clear the plate,”
                     the company’s vice president said. The DEP did, however, allege the company was
                     storing the deadly chemical methyl isocyanate, or MIC, in an underground tank that
                     lacked “full compliance.” But Bayer said there were “other redundant control
                     measures” and that it was “operating safely without danger to the plant and
                     community.” Bayer has previously announced it would invest $25 million to eliminate
                     above-ground storage of MIC and reduce underground storage by 80 percent. Right
                     now there is no MIC on site because of a maintenance shutdown. The reduced amount
                     will be stored at the plant beginning in December when the new equipment will be in
                     place. Among the other matters, Bayer and DEP settled several air pollution issues,
                     notably several involving objectionable odors emanating from the plant in late 2007.
                     About 700 people work at the Institute Industrial Park. Approximately 520 are Bayer

   CropScience employees.

7. September 22, KOVR 13 Sacramento – (California) Big rig carrying bleach crashes
   on Interstate 5. Crews are still trying to clean up after a big rig carrying bleach jack-
   knifed on Interstate 5 in Stockton, California, caught fire, and spilled 1,000 gallons of
   its chemical load September 22. The crash happened just after 7 a.m. in the southbound
   lanes of I-5 just north of Pershing Ave. At one point, both directions of I-5 were closed
   but California Highway Patrol (CHP) later reopened all northbound lanes and two of
   the four southbound lanes. Thick smoke covered both directions of the freeway as
   firefighters doused the flames. CHP saud the truck was carrying bleach also known as
   sodium hypochloride. Hazardous-materials teams said it is a 7 percent solution used as
   household bleach.

8. September 22, Tarrytown-Sleepy Hollow Patch – (New York) Man tried to wash
   away acid spill. The Westchester County Health Department in New York is
   investigating an acid spill that occurred in Sleepy Hollow September 22. A 20-35
   gallon drum of hydrochloric acid spilled out of a delivery truck in the parking lot of
   100 College Avenue — the truck’s manifest indicated it was carrying both hydrochloric
   acid and nitric acid. The accident occurred around 1:40 p.m. when a deliveryman
   driving a truck for a New Jersey-based company hit a speed bump, causing the drum to
   tip over inside the truck. The drum cracked on impact and began to spill out the back.
   Sleepy Hollow police said, when they arrived, the driver of the truck was attempting to
   wash the hazardous chemicals down a storm drain –- storm drains in the village
   eventually lead out to the Hudson River. “I guess the owner of the truck was using a
   garden hose to clear it down the drain, you’re not supposed to do that,” the Sleepy
   Hollow Village administrator said. The Westchester County Hazardous Materials Unit
   was on scene trying to assess how much of the acid went into village storm drains.
   They were joined by the New York State Department of Environmental Conservation
   as well as state and county police units. Police were on scene because attempting to
   wash away a hazardous spill is considered a criminal matter.

9. September 22, Charleston Daily Mail – (West Virginia) Methanol leak into Kanawha
   larger than first reported. While West Virginia state officials continue to reassure the
   public there is no immediate danger following a large chemical leak from the DuPont
   plant in Belle, Kanawha County commissioners are criticizing the state for failing to
   inform local emergency services the leak had occurred. DuPont officials are now
   saying more than 160,000 pounds of methanol liquid was dumped into the Kanawha
   River over a 24-hour period, instead of over several weeks, according to a new
   statement from the company. According to a DuPont statement released September 22,
   workers at the Belle plant discovered the leak in a heat exchanger in the Methylamines
   production unit while conducting regular sampling of the plant’s water outfall
   September 21. A DuPont spokesman said the leak had traveled through the unit’s steam
   system into the outfall and was discharged into the Kanawha River. The leak was

                     stopped about 8 p.m. September 21. Officials with the DuPont plant first notified the
                     state of the leak September 21. At first, it was reported by media outlets that only 5,000
                     pounds had flowed into the river. However, that amount reflected only the minimum
                     regulatory requirement for reporting a leak, according to the spokesman. “The plant
                     notified regulatory authorities as required,” he said in a statement. “In those immediate
                     notifications, we reported that the leak exceeded the regulatory threshold reportable
                     quantity of 5,000 pounds. Our preliminary investigation indicates that approximately
                     160,000 pounds of methanol was released in the 24-hour period prior to identifying the
                     leak,” he said.

                  For another story, see item 29

[Return to top]

Nuclear Reactors, Materials and Waste Sector

                  10. September 23, York Daily Record – (Pennsylvania) Peach Bottom nuke plant
                      generates two misconduct issues. Recent problems that Peach Bottom Atomic Power
                      Station in Peach Bottom, Pennsylvania had with two employees have led to a low-level
                      violation being issued by the Nuclear Regulatory Commission. (NRC). Last year, a
                      former security officer “deliberately” attempted to substitute a urine sample during a
                      random fitness-for-duty test, according to a federal investigation. When officials with
                      Exelon Nuclear discovered problems with the specimen during a September 2009 test,
                      they asked for a second sample — this time under observation. That sample tested
                      positive for an illegal substance and Exelon fired the guard. The NRC may take further
                      enforcement action, ranging from banning the guard from working in the nuclear
                      industry to a notice of violation, a NRC spokesman said. A second investigation
                      involving worker misconduct at the plant led to Peach Bottom being hit with a low-
                      level violation. The June 3, 2010 investigation found that, in September 2008, a
                      contracted worker failed to divulge on a questionnaire his prior, non-nuclear related
                      job. Also, he did not disclose that he had been fired from that job for failing a fitness-
                      for-duty test. As a result, between September 11 and September 28, 2008, the plant
                      granted the contractor unescorted access to non-vital areas of the plant. “This raises the
                      concern about the screening process for workers seeking unescorted access,” the NRC
                      spokesman said. In response to both incidents, the plant has taken corrective steps such
                      as providing deliberate misconduct training to each of its 800 workers and investigating
                      to ensure that similar issues have not occurred.

                  11. September 23, Brattleboro Reformer – (Vermont) State: VY leaks had little effect on
                      public. No significant adverse health effects from radiological exposures have resulted
                      from the operation of the Vermont Yankee nuclear power plant during 2009, according
                      to a report issued September 22 by the Vermont Department of Health (DOH). Even
                      including the discovery of a leak of tritiated water at the plant, the DOH found no
                      instances of non-compliance with the state’s radiological health rule. “However, the

                     identification of radioactive materials in water leaking from the station’s structures,
                     systems and components through unmonitored pathways in 2009 and 2010 has
                     prompted an expanded long-term monitoring effort,” the report stated. The surveillance
                     report for 2010 will include detailed information and data related to the event. It also
                     provides a long-term comparison of previous surveillance reports, which shows no
                     significant increase in radiological exposures due to the plant’s operation, including in
                     the period following a 20 percent power uprate in 2006. According to the report,
                     samples of fish, milk, water, soil and sediment showed no levels of radioactivity
                     “outside historical range.” The report also states “an analysis of health statistics for
                     people who live in the communities surrounding Vermont Yankee shows that health
                     outcomes do not differ significantly from people in the rest of Windham County,
                     elsewhere in Vermont, or the U.S. as a whole.” The primary concern about chronic
                     low-level exposure to ionizing radiation is its potential to increase people’s risk of
                     developing cancer, states the report. DOH reviews data for new cancer cases (the
                     incidence rate) and cancer mortality for Windham County and the six towns in the
                     emergency preparedness zone (EPZ). The rates calculated in the 2009 report were
                     similar to those in the 2008 report, states the DOH. According to a review of the data
                     conducted by the DOH, cancer incidence in the EPZ is lower than in Windham County
                     as a whole, the state, and the country.

[Return to top]

Critical Manufacturing Sector

                  12. September 22, WEWS 5 Cleveland – (Ohio) Explosion at Cleveland metal plant
                      injures two workers. Two workers at a metal plant in Cleveland, Ohio were injured
                      after a gas explosion the morning of September 22. The blast happened in one piece of
                      equipment, an oven, at Erieview Metals on Johnston Parkway, according to the plant
                      manager. The two workers hurt did not sustain serious injuries, he said. The fire
                      department and gas company were called to the scene. No other details of the incident
                      have been released.

[Return to top]

Defense Industrial Base Sector

                  13. September 22, United Press International – (Louisiana) Louisiana shipyard rescue
                      may involve foreign buyer. Foreign investor interest in the purchase and rescue of
                      Louisiana’s premier shipyard at Avondale is growing as the date for Northrop
                      Grumman’s plans to close the facility draws near. Northrop Grumman, the yard’s latest
                      owner, expressed skepticism that the facility could fit in with its growing emphasis on
                      building a production inventory of unmanned vehicles, cyberwarfare tools and missile
                      systems. Analysts said a potential foreign buyer would most likely be European rather

                     than Asian, because of the shipyard’s role in defense manufacturing. Britain’s BAE
                     Systems plc was among the first potential foreign buyers mentioned in reports of
                     ongoing talks. U.S. Navy and Presidential administration officials indicated last week
                     they would aim to promote interest in the shipyard and could also bring forward plans
                     for new defense ship-building. The shipyard has been in operation for about 75 years
                     and its closure will give General Dynamics, the other major shipbuilder on the scene,
                     an unfair advantage, according to some analysts.

                  14. September 21, U.S. Government Accountability Office – (National) Defense Exports:
                      Reporting on exported articles and services needs to be improved. In order to
                      obtain a more complete picture of defense exports, Congress may wish to consider
                      whether it needs specific data on exported defense services similar to what it currently
                      receives on defense articles, according to a new Government Accountability Office
                      (GAO) report. Congress might also want to request that the State Department (State)
                      provide such data as appropriate, the GAO added in the study. Issued September 21, the
                      report, Defense Exports: Reporting on Exported Articles and Services Needs to Be
                      Improved, found that the U.S. government exports billions of dollars of defense articles
                      and services annually to foreign entities, generally through direct commercial sales
                      (DCS) from U.S. companies under licenses issued by State or through the Department
                      of Defense (DOD) Foreign Military Sales (FMS) program. Congress does not have a
                      complete picture of defense exports under current reporting — including which method
                      of export is used more often by individual countries or for certain types of items. State
                      — which has overall responsibility for regulating defense exports — and DOD, report
                      to Congress in response to various requirements, the study found. However, their
                      annual reports on DCS and FMS exports have several information gaps and
                      inconsistencies — in part, because of the differing purposes of the agencies’ data
                      systems and different reporting methodologies.

[Return to top]

Banking and Finance Sector

                  15. September 23, Washington Post – (National) Under piles of paperwork, a foreclosure
                      system in chaos. The nation’s overburdened foreclosure system is riddled with faked
                      documents, forged signatures and lenders who take shortcuts reviewing borrower’s
                      files, according to court documents and interviews with attorneys, housing advocates
                      and company officials. The problems, which are so widespread that some judges
                      approving the foreclosures ignore them, are coming to light after Ally Financial, the
                      country’s fourth-biggest mortgage lender, halted home evictions in 23 states this week.
                      During the housing boom, millions of homeowners got easy access to mortgages while
                      providing virtually no proof of their income or background. Now, as millions of
                      Americans are being pushed out of the homes they can no longer afford, the foreclosure
                      process is producing far more paperwork than anyone can read, and making it

   vulnerable to fraud. Ally Financial is now double-checking to make sure all documents
   are in order after lawsuits uncovered that a single employee of the company’s GMAC
   mortgage unit signed off on 10,000 foreclosure papers per month without checking
   whether the information justified an eviction. Many of the homeowners in fact, might
   have been in default. Some might have been unfairly targeted. But the flawed process is
   creating an opening for borrowers to contest some of the more than 2 million
   foreclosures that have taken place since the real estate crisis began.

16. September 23, Denver Post – (Colorado) Corporate ID thieves mining the
    store. Dozens of businesses in Colorado, and probably thousands more nationally, are
    victims of a new and easy form of identity theft where corporate data is hijacked and
    millions of dollars in phony credit purchases are made. All it takes is an Internet
    connection and, in some cases, as little as a $10 fee to alter the name of a corporate
    officer or the address of a company’s registered agent on public records. Once that is
    done, thieves acquire corporate credit in multiples much higher than the average
    consumer can get. And most companies might never know it is happening until it is too
    late and credit ratings have been trashed. The nation’s secretary of state offices — the
    agencies that usually register corporations and maintain public databases on them —
    have few protections to stop the Internet-based theft. In Colorado, for example, anyone
    can access the online databases and make changes since there is no password
    protection. “We’re just now getting a handle on the problem,” said a spokeswoman for
    the National Association of Secretaries of State. Such inaction has business owners
    fuming and, in turn, scratching their heads. Thieves are also relying on Dunn &
    Bradstreet — the business equivalent of a consumer credit reporting bureau — as
    unwitting accomplices. The company provides credit ratings on businesses and
    corroborates any reported changes through secretary of state offices — where the fraud
    occurs in the first place. Police investigators have so far identified 48 Colorado
    businesses — many of them easily recognized — affected by the crime and expect to
    find dozens more.

17. September 22, WDIV 4 Detroit – (New York) Man tries to rob bank with bomb
    threat. Redford, Michigan police said a man who claimed to have a bomb tried to rob a
    Chase bank branch on Telegraph Road September 22. Police said the man entered the
    bank at about 11 a.m. and slipped a note to a teller that demanded money and stated he
    had a bomb. The teller told police the man flashed a small black book that, when
    opened, had a timer and what appeared to be a bomb. Police said the teller did not react
    and just looked at the man for several seconds before he turned and left the bank. Police
    said the man is also suspected of being responsible for a previous attempt to rob the
    bank last month. Surveillance pictures of the man from the bank’s security cameras
    have been released by police.

                  18. September 22, – (Ohio) Email phishing scam feeds on credit union
                      trust. Credit unions are trusted community organizations and the latest victim of a
                      recent phishing scam. Customers in Ohio have reported receiving deceptive e-mails
                      that appear to be from their credit union and include a request to take a survey that
                      requires they enter personal information. According to a July 2010 complaint filed with
                      the Ohio Attorney General’s Office, a Columbus woman received an e-mail from her
                      credit union that stated: “You have been randomly selected to take part in this survey to
                      let us know what we are doing well and where we need to do better. In return we will
                      credit $50.00 to your account — Just for your time!.” The e-mail featured the credit
                      union’s logo and listed the correct contact information, so the woman clicked on the
                      provided link. The survey prompted her to enter her account number, but she knew her
                      credit union would never ask for this information on the Internet, so she closed the link.
                      If she had proceeded, her financial information would have been in the hands of
                      scammers. Be skeptical of offers similar to this one. Never enter personal information
                      online when unsure of where it is being sent. People who receive suspicious e-mails are
                      are advised to call their credit union.

                  For another story, see item 55

[Return to top]

Transportation Sector

                  19. September 23, WINK 9 Fort Meyers – (Florida) Delta flight makes emergency
                      landing at RSW. A Delta Airlines flight from Minneapolis, Minnesota to Fort Myers,
                      Florida had to make an emergency landing at Southwest Florida International Airport
                      early September 23. An airline spokesman said the plane developed a problem when
                      the door to the nose landing gear would not open. The flight crew called ahead so that
                      an an emergency response team would be ready. Flight 2733 landed without incident.
                      Delta said a maintenance team would inspect the nose gear door and fix any problems
                      so that the plane can return safely return to the air as soon as possible.

                  20. September 23, Rutland Herald – (Vermont) Broken pipe caused train derailment. A
                      broken pipe was to blame for the train derailment in Rutland, Vermont September 21.
                      The Vermont Railway President said September 22 that rail workers determined a pipe
                      under one of the train cars broke, got caught in the tracks and catapulted the car off the
                      track, causing a derailment that snarled traffic for about 1 hour beginning at about 5:30
                      p.m. The pipe hit the tracks 2 miles before the train derailed. The conductor of the train
                      didn’t see or feel the pipe and wasn’t at fault. The damage was minimal and all the cars
                      were empty during the derailment.

21. September 23, Associated Press – (Wisconsin) Flooding causing trouble in central,
    northern Wisconsin. Heavy rain and flooding in western Wisconsin is causing
    evacuations and road closures in Arcadia and lesser problems across central and
    northern Wisconsin. The Trempealeau Sheriff’s Department said the city of Arcadia is
    dealing with some major flooding. The mayor has declared a state of emergency.
    Deputies said the downtown area is completely flooded, and officials have ordered a
    mandatory evacuation of Cleveland Street in Arcadia. Arcadia’s park and recreation
    director estimated 100 homes in the city of 2,500 could be affected by flooding. The
    Arcadia School District has canceled classes and production is on hold at Ashley
    Furniture. Sheriff’s deputies said Highways 95 and 93 into Arcadia are flooded.

22. September 23, WNYW 5 New York – (New Jersey) Experts: Lax security screening of
    trucks at Newark Airport. A news investigation has exposed what experts call a
    major security lapse at Newark Liberty Airport in Newark, New Jersey. While
    passengers go through Transportation Security Administration checkpoints that
    confiscate bottled water and even small tubes of toothpaste, large trucks and vans
    packed with cargo drive right passed security checkpoints onto the airport tarmac with
    little to no inspection. Video captured by Fox 5 News has sparked action by one
    government agency and stunned aviation and security experts. “Compared to what
    passengers put up with, this was a playground,” said an aviation security expert. A
    security firm called FJC is responsible for security at Terminal C at Newark Airport.
    The video shows FJC security guards stopping trucks at the checkpoint, then walking
    around the truck using a mirror to look at the undercarriage of the vehicle, but never
    actually examining the cargo inside the truck, save for a cursory, 5-second glance
    inside. “That’s not what security is about,” an expert said. “The worst-case scenario is
    an individual goes in with a truck filled with a sizeable amount of explosives.” Bomb
    sniffing dogs were never seen at the checkpoints. FJC also operates at LaGuardia and
    John F. Kennedy airports in New York.

23. September 22, Flight – (California) NTSB: Parking brake error behind JetBlue tire
    fire, evacuation. The National Transportation Safety Board said pilots of a JetBlue
    Airbus A320 that experienced landing difficulties at the Sacramento International
    Airport in Sacramento, California August 26 had mistakenly engaged the aircraft’s
    parking brake during the approach. Upon touchdown after an otherwise normal arrival,
    the first officer, who was flying, experienced a “rapid deceleration” which he described
    to the captain as feeling like a main landing gear tire blow out. Flight 262, inbound
    from Long Beach, was carrying 86 passengers and five crew members. The captain
    took control after the initial touchdown, maintaining directional control and stopping
    the aircraft about 2,000 ft. from the touchdown point. Aircraft damage was minor,
    consisting of four deflated main gear tires and ground-down wheel rims, according to
    the Federal Aviation Administration. A post-incident analysis of N590JB’s flight data
    recorder revealed that the parking brake had been set during the approach phase at
    approximately 5,100 ft .altitude and remained engaged during the landing.

                                                                                        - 10 -

24. September 22, Long Island Press – (New York) LIRR service to Montauk restored
    after trestle crash caused 8-hour suspension. A truck crashed into a Long Island Rail
    Road train trestle in East Hampton, New York, resulting in an 8-hour service
    suspension between Bridgehampton and Montauk September 22. The truck crashed
    into the trestle forcing the 8:52 a.m. train from Babylon due in Montauk at 10:53 a.m.
    to be canceled at the Bridgehampton station. Riders traveling to the East Hampton,
    Amagansett and Montauk stations were provided bus service while workers repaired
    the damage. Metropolitan Transportation Authority officials announced that service
    was restored shortly after 4 p.m.

25. September 22, Congressional Quarterly – (National) TSA looking for ‘missing piece’
    in pallet screening. For federal security officers, shipping pallets is a headache
    because they often are stacked high with boxes so dense and containing so many
    different materials that no scanning device can adequately screen them. The pallet
    problem is one of many reasons the Transportation Security Administration (TSA) was
    unable to meet an August congressional deadline to screen all international airline
    cargo for explosives. Driven by that mandate, DHS is aggressively working to develop
    a system that allows officers to check entire pallets without disassembling them. The
    acting director of the explosives division at the department’s Science and Technology
    Directorate said the solution will likely be a layered approach, rather than a single
    machine. TSA already has canine units, large-scale metal detectors and X-ray imagers
    in place, but all of those have limitations. A good metal detector can generate a high
    number of false positives given a pallet’s makeup, right down to the staples used in
    packing materials. And X-rays have a hard time penetrating electronics, engine blocks,
    agricultural products, and other dense matter. The missing part of the equation is trace
    detection, a way of looking at the “molecular fingerprints” of material clinging to
    pallets. Scientists have found that handling explosives without generating at least some
    particulate matter is extremely difficult. Two companies have contracted to produce
    trace detectors for pallets that use mass spectrometry, a higher-resolution version of the
    “swab scanners” sometimes seen in airport passenger lines.

26. September 22, Jersey Journal – (New Jersey) Light rail service from Hoboken
    Terminal to Tonnelle Avenue suspended due to wire damage. Service on the
    Hudson-Bergen Light Rail service north of Hoboken Terminal in New Jersey was
    adjusted September 22 due to 2,000 feet of damaged overhead wire, according to New
    Jersey Transit’s Web site. A catenary line was downed in the vicinity of 9th Street
    Station and had to be repaired before normal light rail service could resume, the site
    said. Trains operating between West Side Avenue and Tonnelle Avenue stations were
    subject to 20-minute delays in both directions due to single-track operation north of
    Pavonia-Newport. The cause of the wire damage is under investigation, a

                                                                                         - 11 -
                     spokeswoman said.

                  For more stories, see items 7 and 8

[Return to top]

Postal and Shipping Sector

                  27. September 22, Wicked Local Plymouth – (Massachusetts) Manomet neighborhood
                      vandalized. Vandals and thieves tore through the Shallow Pond Estates neighborhood
                      of Manomet in Plymouth, Massachusetts September 21, defacing signs, stealing
                      bicycles and prompting a hazardous materials investigation. Police said graffiti
                      associated with marijuana use was scrawled on signs on Talia Way. Bicycles were
                      reported stolen from two homes on nearby Andrews Way. A fire extinguisher was also
                      set off inside a mailbox of Andrews Way. The discovery of white powder in a mailbox
                      prompted a hazardous materials scare. Police closed off the neighborhood until
                      firefighters and a hazardous materials team determined the powder came from an
                      extinguisher. Police searched the area and found a spent extinguisher in nearby bushes.
                      Police had no immediate suspects for the thefts or vandalism.

                  28. September 22, KPSP 2 Thousand Palms – (California) Suspicious package prompts
                      news station evacuation. A suspicious package was sent September 22 to the KPSP
                      Local 2 newsroom in Thousand Palms, California, leading to the temporary evacuation
                      of the station — less than 48 hours after the California Highway Patrol (CHP) received
                      a similar package. The package sent to the TV station arrived in the mail September 22
                      from an unmarked sender. It was in a manila envelope and contained a small notebook
                      with some sort of canister attached, believed to contain carbon dioxide. The station’s
                      assignment manager said he immediately knew something could have been wrong with
                      the package. “It just looked a little off,” he said. “Then when I took the package out of
                      the envelope, I immediately brought it outside, washed my hands, and called the
                      police.” Several Riverside County Sheriff’s deputies, along with the Riverside County
                      Fire Department were dispatched to the Thousand Palms station, at which time they
                      asked the building to evacuated for about 15 minutes. The bomb squad left the station
                      with the suspicious package. Officers do not believe the package to be a bomb, but they
                      confirmed that it is identical to the package received by CHP September 20.

[Return to top]

Agriculture and Food Sector

                                                                                                          - 12 -
29. September 23, Associated Press – (Nebraska) Authorities: Gunman wounds 3, kills
    self in Neb. A man shot and wounded three people at Americold Logistics, a cold-
    storage facility in Crete, Nebraska, where he worked, before apparently shooting and
    killing himself September 22, authorities said. The Saline County sheriff said that about
    35 people were at the Americold facility when the gunman opened fire at about 10 p.m.
    The gunman worked at the plant, he said. About 50 officers responded to reports of the
    shooting, unsure of whether the shooter was still a threat. “When we first came across
    him, it appeared that it was a self-inflicted wound that ended it,” the sheriff said,
    referring to the gunman. Two of the wounded were taken to a Lincoln hospital. The
    other was treated at the Crete Area Medical Center. Their names and conditions were
    not available, and it was unclear whether they also worked for Americold. The
    Americold facility is a few miles south of Crete and next to a Farmland Foods plant.
    Both were locked down immediately after the shooting, although authorities do not
    believe the gunman ventured onto Farmland property. By early September 23,
    Farmland had reopened and Americold workers were allowed to leave.

30. September 23, KIFI 8 Idaho Falls – (Idaho) Fire in downtown Blackfoot prompts
    evacuations. As of 11 p.m. September 22, a fire continued to burn in Blackfoot, Idaho
    where a storage unit once stood. The building across the street from the Sartori Foods
    plant caught fire at about 4:30 p.m., forcing evacuations and knocking out power to
    more than 800 people. In cell phone video from a witness, smoke and flames are seen
    shooting out of the storage facility. It is some of the first glimpses of the blaze that
    started across the street from Sartori. Cardboard and cleaning chemicals for the plant
    were burning inside. Streets within a two and a half mile radius were shut down in an
    effort to protect people and homes. Hundreds were evacuated as the fire burned. No
    one was inside the building when the fire started. Management with Santori Foods said
    they plan to continue to work with fire investigators to try to put together exactly what
    happened to start the fire.

31. September 23, Pensacola Business Journal – (Florida; International) Lionfish found in
    Gulf a beastly threat. A beautiful yet venomous lionfish, native to the Indian and
    Pacific oceans, has been captured on a reef about 16 miles off Pensacola Beach,
    Florida. It is the first documented lionfish found off the coast of Northwest Florida and
    the second one confirmed in the eastern Gulf of Mexico, although there have been other
    undocumented sightings, said the co-owner of Scuba Shack on South Palafox Street.
    The 6-inch fish, captured September 9, is residing in a saltwater tank at the downtown
    dive shop. It has red and white stripes, a tall row of venomous spines and fanlike fins
    that resemble a lion’s mane. Its discovery is igniting fears that the invasive species is
    rapidly spreading from the Florida Keys and its population may explode. The biggest
    concern is the lionfish will decimate recreational and commercial fish populations,

                                                                                         - 13 -
   including grouper and snapper, said an environmental administrator with the Florida
   Fish and Wildlife Conservation Commission, Marine Fishery Division. There are no
   major predators or diseases to control the populations. The National Oceanic
   Atmospheric Administration is examining hundreds of samples of lionfish found up
   and down the Eastern seaboard, the Caribbean and the Gulf of Mexico.

32. September 23, WSOC 9 Charlotte – (North Carolina) Man makes bomb threat at
    local Food Lion. A man claimed he was going to blow up the Food Lion on Highway
    49 in Mount Pleasant, North Carolina, Cabarrus County sheriff’s deputies said. The
    man went into the store late September 22 and announced that he was going to set off a
    bomb. He had a gun and showed it to an employee, deputies said. The employee went
    into an office and locked the door, and the man then took off, deputies said. He has not
    been found. Officials brought a bomb-sniffing dog to the property, but the dog did not
    find anything.

33. September 22, WTAQ 1360 AM Green Bay – (Iowa; National) Feds: Feed ingredients
    not Salmonella source at Iowa egg farm. Federal officials said feed ingredients
    bought by an Iowa egg company were not the source of Salmonella that contaminated
    the farm’s eggs. According to FeedStuffs.Com, the Food and Drug Administration
    (FDA) believes the feed got contaminated during or after its processing at Wright
    County Farms. But officials are still not sure how the Salmonella was generated — and
    their investigation is continuing. Wright and nearby Hillandale Farms recalled 550
    million eggs after a salmonella outbreak reported last month. It was responsible for
    making 21 diners sick at a Kenosha, Wisconsin restaurant in June. More than 1,500
    people were sickened nationally. Top officials of both egg farms testified before a
    House sub-committee in Washington D.C. September 22. Panel members said they
    have records showing that Wright routinely tested positive for Salmonella
    contamination in the 2 years before the outbreak. The sub-committee has also asked the
    FDA and the Ag Department for their records in the case. Reports show that U.S.
    Department of Agriculture inspectors were aware of growing sanitary problems at
    Wright — but they did not notify health officials.

34. September 21, Associated Press – (Arizona; International) Agents stop harmful
    insects at U.S.-Mexico border. Border agents in Nogales, Arizona, said they recently
    stopped three harmful foreign insects from entering the United States from Mexico, and
    that two of them have never before been found in the United States. Agents said
    September 20 that on August 11, agricultural specialists found an adult weevil, also
    known as a snout beetle, among pineapples and Persian limes. On September 6,
    specialists found an adult Hemipteran insect among tomatoes. The insects can damage
    crops by piercing plant tissues and feeding on the juices. Within minutes of finding that
    pest, inspectors found two adult shield bugs among corn. They have piercing mouth

                                                                                        - 14 -
                     parts that can suck sap from plants. Agents said the weevil and the shield bugs have
                     never been found at a port of entry.

                  For another story, see item 40

[Return to top]

Water Sector

                  35. September 23, KTUL 8 Tulsa – (Oklahoma) Water outage expected to cause more
                      problems. Thousands are without water in Broken Arrow, Oklahoma, and plumbers
                      expect more problems once the water is back on. A water main break east of Broken
                      Arrow left residents with low or no water pressure September 23. A spokesman with
                      Mullin Plumbing said anytime a water main breaks when the water comes back on
                      residents encounter major problems. He said he is bringing in extra help to take care of
                      the increase in calls.

                  36. September 22, WFMZ 69 Allentown – (Pennsylvania) Tap water given first OK to
                      drink since 2003. For the first time in 7 years, residents of Bally, Berks County,
                      Pennsylvania, no longer need to drink bottled water. The U.S. Environmental
                      Protection Agency (EPA) has sent a letter to residents informing them that construction
                      of a new water supply well in Washington Township is now complete. Officials said it
                      replaces one contaminated by a chemical that leaked into the groundwater from storage
                      containers on the site of the old Bally Engineered Structures company. The EPA said
                      the new well, with the old one disconnected and the borough water system now
                      flushed, makes the tap water safe for drinking and cooking. Tests done by the EPA in
                      2003 showed that the borough’s water system contained low levels of the cancer-
                      causing toxin 1,4-dioxane, a solvent used in degreasing and in the formulation of inks,
                      coatings, and adhesives. The remedial project manager said he wanted the cancer risk
                      of 1 in 100,000 to drop to 1 in 1 million Hesaid the new well is in an uncontaminated
                      location and will continue to be monitored. The delivery of bottled water will end
                      September 28, and arrangements will be made to recover bottled water dispensers.

                  37. September 21, Associated Press – (Washington) Fish kill, dead shrimp reported in
                      Hood Canal. Scientists who have been monitoring low oxygen levels in Hood Canal in
                      Hoodsport, Washington, say hundreds of dead fish and thousands of dead shrimp were
                      spotted September 20 washed up on the waterway’s beaches. A University of
                      Washington oceanographer says that lots of nearby residents are reporting dead fish. A
                      Washington Department of Fish and Wildlife biologist said thousands of dead spot
                      prawns washed up on the beach at Hoodsport on September 21 and thousands more are
                      struggling to survive in shallow water near the shoreline. He is calling the observations
                      September 20 an “extensive fish kill geographically “ but not yet the massive fish kills
                      seen in previous years. Earlier in September, he warned that the oxygen level in the

                                                                                                          - 15 -
                     south end of the canal was at a record low. Conditions are similar to 2006 when
                     thousands of fish died.

                  38. September 21, Los Angeles Times – (National) Dust cuts Colorado River flow. The
                      dark dust thrown up by human activity in the deserts of the Southwest hastens the
                      melting of Rocky Mountain snow and ultimately reduces the amount of water flowing
                      into the upper Colorado River by about 5 percent, scientists reported September 20.
                      The lost water amounts to more than 250 billion gallons, enough to supply the Los
                      Angeles, California region for 18 months, said the study leader, a snow hydrologist at
                      the Jet Propulsion Laboratory. Researchers had already shown that dust emissions in
                      the Southwest have increased fivefold since the mid-19th century, when settlers and
                      their livestock poured across the frontier, breaking up the fragile crusts atop desert
                      soils. That extra dust absorbs more sunlight, melting the snowpack sooner and
                      shortening the duration of snow cover each year by 3 to 4 weeks, the study leader said.
                      The Colorado River and the vast system of dams and reservoirs along it supply water to
                      27 million people in seven states, including California, and Mexico. Restoring some of
                      its flows by cutting dust emissions could help relieve the longstanding, intractable
                      water shortages that have shaped the history of the West.

[Return to top]

Public Health and Healthcare Sector

                  39. September 23, WEWS 5 Cleveland – (Ohio) Smoke spotted at VA hospital, ward
                      evacuated. Smoke was spotted at the Louis Stokes Cleveland Veteran’s Affairs
                      Medical Center in Brecksville, Ohio September 23, forcing one of the wards of the
                      hospital to be evacuated, a hospital spokesman said. No injuries were reported, and a
                      fire never occurred. Nurses noticed the smoke and immediately pulled the fire alarm to
                      clear the building around 8:45 a.m. Crews responded from six different fire
                      departments, in case the incident turned out to be an emergency situation, the
                      spokesman said. About 45 patients were evacuated from the ward. Once the building
                      was cleared, firefighters went room to room looking for the source or any hot spots.
                      They were unable to locate any damage, or determine what caused the smoke. After
                      sweeping the building and performing various tests, fire officials determined the
                      building was safe and allowed everyone to re-enter the ward.

                  40. September 22, Reuters – (Michigan; International) Abbott recalls beetle-tainted
                      Similac baby formula. Abbott Laboratories said it is recalling millions of containers of
                      its No. 1 Similac powdered infant formulas after beetles were found in the products,
                      and in a Michigan plant where they are made. Abbott said September 22 the voluntary

                                                                                                         - 16 -
                     recall follows reports by two consumers of contamination and its inspection of an area
                     of the plant in Sturgis, Michigan — where beetles or their larvae were found. Abbott
                     said “less than 5 million units” of Similac are being recalled in the United States,
                     Guam, Puerto Rico and other Caribbean markets. “When we identified this, we did
                     extensive testing of every product on the (factory) line, and more than 99.8 percent of
                     the product was negative” for beetle contamination, said a company spokeswoman. She
                     noted that liquid forms of Similac have not been affected or recalled.

                  41. September 21, Charleston Gazette – (West Virginia) Whooping cough on rise in
                      W.Va. Dozens of people, mostly children, across West Virginia may have whooping
                      cough, and state health officials are investigating more cases this year than in the past
                      several years combined. But health officials don’t believe there’s an epidemic of the
                      bacterial infection, also known as pertussis. “Whooping cough has never gone away,”
                      said the director of the state office of epidemiology and prevention services. “We’ve
                      always had cases of pertussis reported, some years more than others.”

[Return to top]

Government Facilities Sector

                  42. September 22, WBBM 2 Chicago and Sun-Times Media Wire – (Illinois) 2 major loop
                      government buildings evacuated. The Daley Center in Chicago, Illinois was
                      evacuated September 22 after someone called in a bomb threat. Meanwhile in a
                      separate incident, the Cook County Administration Building across the street was also
                      evacuated, and fire trucks rushed to the Cook County Building adjacent to city hall, due
                      to reports of smoke. Police responded at 7:10 a.m. to a bomb threat at the civil
                      courthouse and office building at 50 W. Washington St., according to a Cook County
                      sheriff’s office spokesman. A bomb threat was also reported at Millennium Park,
                      authorities said. As a precaution, employees were not let into the building as authorities
                      conducted a search. Three suspicious bags were found on an unidentified floor and K-9
                      officers were called in to inspect the bags, according to the sheriff’s department. It was
                      determined the bags were not explosives and around 8:40 a.m., the building was
                      cleared and reopened. Harrison Area Chicago Police detectives will investigate the
                      incident, the police news affairs director said. In an unrelated incident, the fire
                      department received calls of smoke on the eighth floors of both the Cook County
                      Building, at 118 N. Clark St., and the Cook County Administration Building, across the
                      street from the Daley Center at 69 W. Washington St. The administration building was
                      evacuated. Fire trucks lined up in front of the County Building, but it did not appear to
                      be evacuated. Firefighters found nothing upon arriving, officials said.

                  43. September 22, CNN – (International) DoD: Civilian contractors in Kuwait didn’t
                      have proper clearances. A new Defense Department (DOD) report said many civilian
                      contractors working in Kuwait didn’t have proper clearances and could have

                                                                                                            - 17 -
   jeopardized the safety of U.S. military personnel and undermined national security. The
   DOD Inspector General said dozens of contractors worked in sensitive positions
   without security clearances or the official passes they needed. And some of those
   people, according to the report, were allowed to remain on the job even after inspectors
   uncovered the security problems. The report said a company called Combat Support
   Associates (CSA) was awarded the contract in 1999 for what was called Combat
   Support Services Contract-Kuwait (CSSC-K). The contract was extended and is due to
   expire at the end of September after costing the government more than $3.3 billion.
   “CSSC-K contractor employees occupied sensitive positions such as force protection
   officers, system administrators, and supply inspectors in Kuwait without obtaining
   security clearances,” the report said. The Inspector General said the company’s security
   office failed to track 21 of 379 employees who were in sensitive positions, such as
   ammunition supply, and that 11 employees did not have a valid security clearance. In
   addition, there was no information on whether some of the employees had a U.S.
   passport, although U.S. citizenship was required by the contract.

44. September 22, U.S. Government Accountability Office – (National) U.S. GAO -
    Building Security: New federal standards hold promise, but could be strengthened
    to better protect leased space. The federal government’s reliance on leased space
    underscores the need to physically secure this space and help safeguard employees,
    visitors, and government assets, according to a new Government Accountability Office
    (GAO) report. Published September 22, the study found that in April 2010 the
    Interagency Security Committee (ISC), comprised of 47 federal agencies and
    departments and chaired by DHS issued Physical Security Criteria for Federal Facilities
    (the 2010 standards) which supersede previous ISC standards. In response to Congress’
    direction to review ISC standards for leased space, the GAO report (1) identifies
    challenges that exist in protecting leased space and (2) examines how the 2010
    standards address these challenges. To conduct this work, GAO analyzed agency
    documents and interviewed federal officials from ISC, four federal departments
    selected as case studies based on their large square footage of leased space, and the
    Federal Protective Service (FPS). GAO also consulted prior work on federal real
    property and physical security, including key practices in facility protection. To
    enhance the value of ISC standards for addressing challenges with protecting leased
    space, the DHS Secretary should instruct the ISC Executive Director, in consultation,
    where appropriate, with ISC member agencies to establish an ISC working group or
    other mechanism to determine guidance for working with lessors, which may include
    best practices to secure common areas and public access.

45. September 22, Associated Press – (South Carolina) SC principal: 2nd student
    questioned in shooting. The principal of a Columbia, South Carolina high school
    where pipe bombs were discovered and disarmed after a shooting confirmed September
    22 that a second student was being questioned in the incident. The Socastee High
    School principal said police asked the second student about the September 21 event at
    the school, and the student was released to his parents. The incident began when a

                                                                                      - 18 -
                     freshman confronted an on-campus officer and fired a gun before being taken into
                     custody, police said. Students were evacuated to a football field and bomb squads
                     removed and disarmed the explosive devices. The students returned to school
                     September 22 after walking through metal detectors, which will be used for the rest of
                     the week. Detectives also interviewed other students about the incident and reports that
                     comments had been posted on a social networking site before the shooting, the
                     principal said. He could not confirm that any of the comments came from the freshman.

                  46. September 22, WGN 9 Chicago – (Illinois) Chemical spill sends 3 to
                      hospital. Chicago, Illinois Fire Department officials responded September 22 to
                      Roosevelt University in the Loop for a hazardous-materials incident. Fire officials also
                      called for an EMS Plan 1, sending five ambulances to the scene at 430 South Michigan.
                      Officials at the scene said one person was transported in fair condition and two other
                      people in good-to-fair condition to Northwestern Memorial Hospital for exposure to
                      fumes. All victims were complaining of irritation to the throat and were experiencing
                      headaches. Fire officials said a chemical spill on the 6th floor triggered the response,
                      police officials said. One block on Van Buren Street was closed off to traffic to allow
                      emergency crews to assist in the incident.

[Return to top]

Emergency Services Sector

                  47. September 23, Associated Press – (New York) N.Y. copter ditched in water was
                      awaiting Obama. A police helicopter that made an emergency landing in the water off
                      New York City, New York was airborne in anticipation of the President’s arrival for
                      the U.N. General Assembly. The Air and Sea Rescue helicopter had six police officers
                      on board, including two scuba divers, when a suspected mechanical failure forced it
                      down to the water. The September 22 landing was rough enough to cause a rotor to
                      snap and dent the windshield. No one was seriously injured. Police said the helicopter
                      was in the air as part of the standard procedures used when the President comes to New
                      York. The chopper was approaching a New York Police Department airfield bordering
                      Jamaica Bay in Brooklyn when the crew deployed flotation devices and touched down
                      30 yards from shore.

                  48. September 23, Wisconsin State Journal – (Wisconsin) State’s public safety radio
                      network may have shortcomings, hidden costs. Nearly half of the money Wisconsin
                      has received in federal homeland security grants recently has gone toward helping
                      emergency responders communicate with each other, but efforts to build public safety
                      radio networks have been plagued by complaints about hidden costs and limited
                      effectiveness. More than 40 percent of the $10.4 million allocated to the state this fiscal
                      year will be used to improve radio communication between police, firefighters and

                                                                                                            - 19 -
                     other emergency responders, according to a Wisconsin Homeland Security report
                     released September 22. In the wake of disasters like 9/11 and Hurricane Katrina,
                     helping public safety officials talk to each other has become a national priority. But
                     emergency responders statewide, and across the country, still face serious obstacles in
                     radio communications. The new report said Wisconsin will receive about $4.5 million
                     for radio communications during the current fiscal year. That’s after the state got some
                     $4.7 million for such purposes in fiscal 2009, and $5 million in fiscal 2008.

                  49. September 22, U.S. Government Accountability Office – (National) Disaster Response:
                      Criteria for developing and validating effective response plans. Among the lessons
                      learned from the aftermath of Hurricane Katrina that devastated New Orleans,
                      Louisiana in 2005 was effective disaster response requires planning followed by the
                      execution of training and exercises to validate those plans, states a new Government
                      Accountability Office (GAO) report. Published September 22, the study found that The
                      Federal Emergency Management Agency (FEMA) is responsible for disaster response
                      planning. This testimony focuses on (1) criteria for effective disaster response planning
                      established in FEMA’s National Response Framework, (2) additional guidance for
                      disaster planning, (3) the status of disaster planning efforts, and (4) special
                      circumstances in planning for oil spills. This testimony is based on prior GAO work on
                      emergency planning and response, including GAO’s April 2009 report on FEMA
                      efforts to lead the development of a national preparedness system. GAO reviewed the
                      policies and plans that form the basis of the preparedness system. GAO did not assess
                      any criteria used or the operational planning for the response to the April 2010
                      explosion of the Deepwater Horizon oil platform in the Gulf of Mexico.

                  For another story, see item 61

[Return to top]

Information Technology Sector

                  50. September 23, The Register – (International) Uber-zombie cookies give us the
                      fear. Privacy activists got hot under the collar about the use of flash cookies to respawn
                      traditional Web site cookies but an even more persistent type of cookie that’s almost
                      impossible to kill off may lie just around the corner. So-called invulnerable evercookies
                      use eight different techniques and locations to hide on tagged systems, including Web
                      history, HTML5 session storage and even the “RGB values of auto-generated, force-
                      cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out” as well as in
                      flash or regular cookies. Providing just one copy of the cookie remains, the other
                      locations are rebuilt. A developer explains the point of his idea: “Evercookie is
                      designed to make persistent data just that, persistent. By storing the same data in
                      several locations that a client can access, if any of the data is ever lost (for example, by
                      clearing cookies), the data can be recovered and then reset and reused. Simply think of

                                                                                                             - 20 -
   it as cookies that just won’t go away.” The developer reckons using Private Browsing
   in Safari will stop ALL evercookie methods following a browser restart. He has not
   tested whether this approach work with other browsers.

51. September 23, Associated Press – (International) Twitter hack: Made in Japan? The
    recent Twitter attack that caused a widespread headache for the micro-blogging service
    appears to have been triggered by a Japanese computer hacker who said he was only
    trying to help. The attack, which emerged and was shut down within hours September
    21, involved a “cross-site scripting” flaw that allowed users to run JavaScript programs
    on other computers. The originator is believed to be someone who uses the name
    “Masato Kinugawa” in cyberspace and acknowledges creating the Twitter account
    “RainbowTwtr” that demonstrated the vulnerability. Through his Twitter account and
    personal blog, Kinugawa regularly tracks down possible computer security loopholes
    and notifies companies of their existence. Earlier this year, he pointed out several
    scripting problems to Japanese Internet company Livedoor, which thanked him with a
    15,000 yen ($177) gift certificate. Kinugawa said he contacted Twitter about the
    weakness August 14 — but in vain. “Twitter had not fixed this critical issue long after
    it had been notified,” Kinugawa tweeted. “Twitter left this vulnerability exposed, and
    its recognition of this problem was low. Rather than have someone maliciously abuse
    this under the radar, I decided it would be better to urgently expose this as a serious
    problem and have it be addressed.”

52. September 23, Techworld – (International) OAuth 2.0 API security tool used by
    Facebook too easy to crack. The emerging OAuth 2.0 Web API authorization
    protocol, already deployed by Facebook, and others, is coming under
    increased criticism for being too easy to use, and therefore to spoof by malicious
    hackers. “The OAuth community has made a big mistake about the future direction of
    the protocol,” wrote the Yahoo director of standards development in a blog post
    recently. His criticism may carry more weight than the usual naysayer, because he is
    actually one of the creators of OAuth. “What makes this more frustrating is that the
    people behind [OAUTH 2.0] are some of the brightest security minds on the Web.
    These guys know exactly what they are doing, and it’s not like they don’t care,” the
    director wrote. “They just gave up and decided that the best they can do is maintain the
    status quo. They are also representing a large and powerful coalition of big companies
    too lazy to work a little harder.” His words may strike an ominous chord, given how
    public and enterprise-based Web services are rapidly adopting the draft IETF (Internet
    Engineering Task Force) standard as a way for Web services to share data. The final
    version of the specification, which has been authored by engineers at Google,
    Microsoft, Yahoo, Facebook and others, is expected this fall.

53. September 22, Sophos – (International) Out-of-the-blue empty emails bring
    redirecting malware danger. E-mail’s are arriving randomly with no message body,

                                                                                        - 21 -
   but with a file called “_inv.html” attached. This is part of a new malware attack that has
   been widely spammed out around the world. If users make the mistake of opening the
   attached HTML file, their computer will be redirected to a fake anti-virus attack on a
   third party site. That means that they will begin to see bogus security warnings trying to
   trick them into handing over credit card details, or to download further dangerous
   software to their computer. A significant challenge emerges in that it is difficult to warn
   the public about these attacks because the e-mail address where the malware is coming
   from changes each time, the subjects appear to be pretty randomly chosen, and even the
   attached filename has a random component. Also, the message body is no use because
   there is nothing to see.

54. September 22, CNET News – (International) Report: Half of apps have security
    problems. More than half of software used in enterprises has security problems,
    according to a new report to be released September 22 from Veracode, an application
    security company. Veracode looked at more than 2,900 applications over an 18-month
    period that were used by its cloud-based customers and found that 57 percent of all the
    apps were found to have unacceptable application security quality. Eight out of 10 Web
    apps failed to meet the OWASP (Open Web Application Security Project ) Top 10
    requirement that is necessary to achieve PCI (payment card industry) compliance for
    use in financial and e-commerce sites, Veracode said. The report finds that third-party
    code, which is growing in use by enterprises, is often insecure. Third-party suppliers
    failed to achieve acceptable security standards 81 percent of the time, the report said.
    Meanwhile, cross-site scripting remains the most common of all application
    vulnerabilities, and .NET applications showed “abnormally high” numbers of flaws,
    Veracode said.

55. September 22, Help Net Security – (International) Breakdown of security weaknesses
    by industry and organization size. WhiteHat Security released the tenth installment
    of its Security Website Security Statistics Report, providing a first-time breakdown of
    the state of Web site security by industry and company size. Compiled using data from
    more than 2,000 production Web sites across 350 organizations, this latest issue shines
    a spotlight on the need for organizations to focus on improving responsiveness in
    remediating vulnerabilities in order to reduce risk and improve the effectiveness of the
    SDLC over time. Until now, no metrics have been available for organizations to apply
    as a benchmark for evaluating themselves against their industry peers. WhiteHat’s
    research findings give executives the insight they need to determine whether the
    resources that are invested in source code reviews, threat modeling, developer training
    and security tools are making a measureable impact in reducing their Web site security
    risk. Furthermore, the industry breakdown allows them to see how their efforts
    compare to their peers, and if any significant changes need to be made to strengthen
    Web site security. For example, the data shows that financial services organizations
    have learned that quick identification and remediation of SQL Injection vulnerabilities,
    which if exploited give attackers access to corporate databases, are imperative. And yet,

                                                                                         - 22 -
   that industry still struggles with overall remediation rates.

56. September 22, Help Net Security – (International) Trojan stealing private key
    certificates. Symantec warns about Infostealer.Nimkey, a Trojan that is designed to
    collect private key certificates, keystrokes, and clipboard data and send it to a Web site
    where the authors can collect them. This Trojan targets PKCS#12 public key certificate
    files, which also contain the private keys that the attackers need to steal the key
    owner’s signature. Spam e-mail messages containing links to a malicious site that
    distributes this Trojan are the typical first step towards infection. Sometimes these
    messages also contain a file attachment with a .com extension in order to look like a
    link, but it is actually malware. Another smoke-and-mirror tactic employed by this
    particular Trojan is the display of a form for af ederal tax return. While the user is
    trying to make sense of it, the Trojan goes to work and downloads other malicious files.
    Some of them record URLs a user visits, others search for the PKCS#12 certificate
    files. An incorporated keylogger records keystrokes and clipboard data. And then it all
    gets shipped to a server in China.

57. September 22, IDG News Service – (International) Canada ends Facebook privacy
    probe. Canada’s privacy commissioner has ended an investigation into Facebook’s
    privacy practices by saying the social-networking site has resolved issues raised in a
    May 2008 complaint. Facebook has made changes to its service that resolve privacy
    concerns raised in a Canadian Internet Policy and Public Interest Clinic complaint, the
    commissioner said September 22. The privacy group complained that Facebook had
    violated Canadian privacy law by not explaining to users its policies on sharing
    information with third-party developers. The complaint also accused Facebook of not
    identifying all the purposes for which it collects users’ information, of not getting
    express consent to collect sensitive information, and of not allowing users who have
    deactivated their accounts to easily withdraw consent to share information. The
    complaint also accused Facebook of failing to destroy the personal information of users
    who deleted their accounts and of failing to safeguard personal information from
    unauthorized access. Facebook has made “extensive” changes to its privacy protections
    in response to Canadian concerns, the commissioner said in a statement.

58. September 21, Help Net Security – (International) Trojan posing as installer wants
    your money. A Trojan masquerading as an installer for well-known applications such
    as DivX, Torrent, LimeWire, Avast! Antivirus, and others has been popping up on
    users’ computers lately and is trying to get them to send an SMS to a premium number
    in order to “unlock” the application in question, Microsoft said. Somewhat similar to
    the “Ransom” Trojans that take control of the system by locking the user’s screen and
    unlocking it only after they enter the passcode they received upon sending a text
    message to the provided premium number, this Trojan is less disruptive, but still bent

                                                                                         - 23 -
                     on taking user money. The Trojan is distributed from a number of domains named after
                     those programs. To avoid falling for these types of scams, users are advised to
                     download software from the Web site of the developer or from reputable download

                                                  Internet Alert Dashboard
            To report cyber infrastructure incidents or to request information, please contact US-CERT at or
            visit their Web site:

            Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and
            Analysis Center) Web site:

[Return to top]

Communications Sector

                  59. September 23, Daily Princetonian – (New Jersey) Outage hits University wireless
                      network. Princeton University in Princeton, New Jersey faced an unscheduled wireless
                      network outage September 22 that lasted at least 7 hours, forcing students to rely upon
                      Ethernet cables to connect to the Internet. The issue began at 3:27 p.m. due to “an
                      unknown cause,” according to a statement posted on the Office of Information
                      Technology (OIT) Web site at 11:26 p.m. It was partially resolved at the time this
                      article went to press. The associate chief information officer and director of support
                      service for OIT said in an e-mail that all of the “1,000-plus” wireless service access
                      points stopped working at about the same time September 22. Hard-wired Ethernet
                      connections on campus were not affected by the problem. OIT networking staff and
                      engineers from Cisco, the provider of the access points, were working to solve the
                      problem, but that there was no estimate for when they would resolve the issue.

                  60. September 23, IDG News Service – (National) Facebook fixes glitch, says access back
                      to normal. A problem that affected account access for some Facebook users September
                      22 has been fixed, Facebook said via its Twitter feed. “We’ve fixed the issue with a
                      third-party networking provider, and anyone impacted should be able to access
                      Facebook normally,” the company said. Facebook did not say what the problem was or
                      which company caused it. The social networking company also did not give figures for
                      the number of people affected by the problem. Earlier that day, Facebook said users
                      may have trouble accessing the site due to a problem with a network provider. “Some
                      people can’t connect to Facebook because of an issue with a third-party network
                      provider. We’re working to fix it ASAP,” Facebook wrote in a Twitter message around
                      noon Pacific Time. That message followed user complaints that started popping up on
                      Twitter earlier in the day. Facebook seems to have less frequent outages than Twitter, a
                      rival in social networking. However, it had one notable failure last year, when around
                      150,000 people were unable to use the site for more than 1 week.

                                                                                                                               - 24 -

61. September 22, Associated Press – (South Carolina; National) SC gov: Feds should let
    prisons jam cell phones. Flanked by dozens of wardens and a prison officer authorities
    say was nearly killed in an attack planned with a smuggled cell phone, South Carolina’s
    governor September 22 implored federal regulators to let the state jam the signals of
    cell phones being used illicitly by prisoners. “If we leave the things the way that they
    are, the federal government is fundamentally perpetuating an injustice, on the people of
    this state, and frankly, the people of this nation,” he said at a maximum security prison
    in Columbia. He urged the Federal Communications Commission (FCC) to act on a
    nearly 2-year-old request from the corrections department director to conduct a pilot
    jamming program inside a state prison. The director said 30 other states signed on to
    that request. The FCC has taken no action on the petition. Regulators say a 1934 law
    allows only federal agencies, not state or local ones, to jam public airwaves, a position
    reiterated September 22 by the FCC’s public safety and homeland security chief. “The
    problem with the South Carolina petition is, we can’t waive federal statutes,” he said.
    “As long as Congress has mandated that jamming is illegal, we have to abide by that
    law, and so does South Carolina.”

62. September 22, The Register – (International) Vodafone shares subscriber info with
    world. Vodafone, a global telecommunications company headquartered in England,
    has been caught taking liberties with customers’ e-mail accounts, and it seems at least
    some of the customers are not happy about the practice. The problem is with the
    password reminder feature on the “My account” section of the carrier’s Web site. All
    one has to do is enter the phone number of the person someone is interested in. If they
    have an online account, Vodafone gladly gives up their e-mail address. The Register
    was able to test the feature and it worked as described. “There is nothing to stop a
    determined spammer from entering thousands of numbers and getting a long list of
    email addresses,” a Vodafone subscriber wrote. “Nothing to stop a fraudster from
    sending you an email to an address you only use with Vodafone.”

63. September 22, CNET News – (Oregon) Hunters shoot down Google cables. Hunters
    in Oregon have been using Google for target practice. According to IT News, Google
    has been driven underground by the highly accurate shooting from Oregon’s finest
    marksmen. More accurately, its cables have been forced to go 6 feet underground. It
    appears that hunters are shooting at the fiber that connects its vast data centers merely
    for the fun of being able to shoot them down. “Every November when hunting season
    starts, invariably we know that the fiber will be shot down, so much so that we are now
    building an underground path [for it],” a Google engineering manager said.

64. September 22, Chicago Tribune – (Illinois) Service returns to Comcast customers in
    west suburbs. Comcast customers in Chicago’s western suburbs experienced a service

                                                                                         - 25 -
                     outage September 22 when Union Pacific Railroad damaged a fiber optic cable near
                     railroad tracks at First and Poplar avenues in Elmhurst, Illinois. The service outage
                     affected customers in the company’s western area, a Comcast spokeswoman said.
                     “There was an outside party that affected a number of customers,” she said. Ninety
                     percent of the affected customers had their service restored by 4:30 p.m., and all
                     customers were scheduled to have their service restored by 6 p.m. She said the
                     company does not provide the number of customers when it has a service outage for
                     proprietary reasons. Union Pacific has been working on signals at the railroad crossing.

                  For another story, see item 28

[Return to top]

Commercial Facilities Sector

                  65. September 23, KOLD 13 Tucson – (Arizona) Tucson fire officials say arson is to
                      blame for Executive Inn Fire. Tucson, Arizona Fire Officials said a break-in and
                      arson are to blame for an early morning fire at a hotel. The fire happened around 3:30
                      a.m. September 23 at the Executive Inn and Suites at 333 W. Drachman. Forty-two
                      firefighters and more than a dozen trucks were dispatched to the scene. Tucson Fire
                      tells KOLD News 13 a hotel employee called 911 after spotting a fire in the office on
                      the first floor. Firefighters were able to contain fire and smoke damage to the first floor.
                      Damage is estimated at $100,000. The manager of the hotel said a guest reported seeing
                      two men break into the office a half hour prior to the fire. Thirteen guests and three
                      employees were evacuated from the building at the time of the fire.

                  For more stories, see items 28 and 42

[Return to top]

National Monuments and Icons Sector

                  66. September 23, Salt Lake City Deseret News – (Utah) Evacuation ends, officials
                      encouraged by fire suppression efforts in Herriman blaze. All remaining residents
                      evacuated by the Machine Gun fire in Herriman, Utah were allowed to return to their
                      homes September 22. Operations have already begun to downsize, and officials are
                      gearing up to switch from response to recovery mode in light of the fire being 75
                      percent contained as of the evening of September 22. Heavy rains assisted firefighters
                      in controlling flames but created a new concern that had city and county officials
                      preparing sandbags in case of flooding. The warning began early September 22 after
                      National Weather Service meteorologists predicted heavy rains. With fuel source on
                      Rose Canyon and Black Ridge burned through, it left the mountainside barren of grassy
                      terrain that would usually protect dirt and debris from tumbling down and creating

                                                                                                             - 26 -
   worse flooding and mudslide conditions for residents. “Salt Lake County is sending in
   an emergency specialist for rehabilitation plans,” Utah’s Bureau of Land Management
   operations chief said at a news conference that night. “We’ll make sure the mountain
   stays where it belongs.”

67. September 22, Arizona Republic – (Arizona) 1,200 pot plants found in Prescott
    National Forest. Nearly 1,200 marijuana plants growing in the Prescott National
    Forest in Arizona were confiscated late September 17, according to the Yavapai County
    Sheriff’s Office (YCSO). The plants were growing about 30 miles south of Prescott
    near Pine Creek in a remote and heavily forested area that does not experience much
    activity, a YCSO spokesman said. Deputies believe the site had been running for at
    least 2 years, allowing the harvest of around 3,000 plants. The operation included
    several campsites and an extensive irrigation system. The source of the irrigation
    system was a natural spring that allowed the plants, many more than 7-feet tall, to be
    watered, the YCSO spokesman said. The sheriff’s office received information from
    anonymous sources about the operation and had surveillance over the area. When
    investigators determined the pot growers would not return, YCSO deputies, U.S. Forest
    Service Law Enforcement personnel and members of Partners Against Narcotics
    Trafficking confiscated the plants. No arrests have been made and the confiscated
    plants are scheduled for incineration.

68. September 22, Gettysburg Times – (Pennsylvania) Fast traffic causes monument
    damage. Careless driving has resulted in monument damage at Gettysburg National
    Military Park in Gettysburg, Pennsylvania, leading the superintendent to announce that
    memorial relocation is being considered. He also reported that new signage and traffic
    control devices, such as bumper strips, are planned along battlefield roadways, to deter
    further collisions between vehicles and monuments. The Pennsylvania 74th Monument
    along West Howard Avenue, just northwest of Gettysburg, is under consideration to be
    relocated farther from the roadway, near its current position. According to the National
    Park Service, the monument — which sits about 10 feet back from the road — has been
    struck repeatedly over the past 5 years by wayward drivers. Motorists damaged the
    monument again this past summer. The monument sits near a bend in the roadway,
    dubbed “Dead Monuments Curve” by park guides and historians. One new sign was
    recently installed along the road, warning motorists about the curve. Park officials
    explained that they would not relocate the 74th Pennsylvania Monument far from its
    current location, as its placement denotes an historically-accurate position of troops
    during the Battle of Gettysburg in 1863.

69. September 22, Steamboat Today – (Colorado) Wildfire south of Hayden 25 percent
    contained. Two Hot Shot firefighting crews and local firefighters will resume efforts

                                                                                       - 27 -
                     early September 23 to extinguish a 32-acre fire about 20 miles south of Hayden,
                     Colorado. The Beaver Flat Fire near StinÂÂsby Reservoir was 25 percent contained by
                     the evening of September 22, a U.S. Forest Service spokeswoman said. Crews expected
                     to have the fire fully contained by September 24. The blaze, thought to have been
                     caused by lightning, was detected at 11:30 a.m. September 21. Air tankers and
                     helicopters are being used to help contain the fire. The Roosevelt Hot Shots and Rogue
                     River Hot Shots wildland fire crews, which already were in the area conducting
                     hazardous tree removal, are among the personnel fighting the fire. Forest Service and
                     Bureau of Land Management fire crews also have responded.

[Return to top]

Dams Sector

                  70. September 23, Stockton Record – (California) Levee status may soon be
                      upgraded. The levee protecting Lathrop and west Manteca should soon be reinstated as
                      “acceptable” by the Army Corps of Engineers in California. One week after a Corps’
                      announcement that the levee on the east side of the San Joaquin River was
                      “unacceptable,” the public works director for Lathrop said, “All deficiencies identified
                      ... were corrected and the documentation was provided.” The levee’s improved status
                      means it will be granted accreditation for 100-year flood protection by the Federal
                      Emergency Management Agency (FEMA), the agency announced September 22. This
                      week, Lathrop is expecting a formal letter providing this new FEMA designation. The
                      report was submitted to federal flood-control authorities by Stockton-based Kjeldsen,
                      Sinnock and Neudeck Consulting Engineers and Land Surveyors. Levees protecting
                      Boggs Tract and Weston Ranch remain “unacceptable” because of burrowing animals,
                      erosion, slope stability and other issues, the Corps announced last week.

                  71. September 23, Arizona Republic – (Arizona) Tempe Town Lake dam collapse
                      blamed on heat, age. Heat and age were the main causes of the July 20 Tempe Town
                      Lake, Arizona, dam collapse, according to a report released September 23 by an
                      independent consulting agency. In August, the city commissioned Ohio consulting firm
                      SEA Ltd. to investigate the cause of the dam failure. Parts of the collapsed dam’s
                      rubber bladders were sent to the firm’s laboratory to be tested. Tempe split the $50,000
                      cost of the study with Bridgestone, the manufacturer of the bladders, according to a city
                      spokeswoman. The report concludes that the layers of the rubber dam began to separate
                      because of a breach in a portion of the dam near the concrete apron. The breach
                      worsened over time, and deterioration was made worse by “extremely high”
                      temperatures in excess of 100 degrees, according to the report. The report does not say
                      what caused the initial breach. Tempe released a statement September 22 saying it
                      accepts the results of the study and has decided to move on. The assistant city manager

                                                                                                          - 28 -
                     clarified that the city is not saying it was responsible for the dam’s failure, but that it
                     agrees with SEA’s findings. “We’re moving forward to safely reopen the lake on time
                     and on schedule,” he said. The results of the report have not changed plans for bladder
                     replacement in November, but the assistant city manager said the city would “take into
                     consideration the findings” of the report when making plans for a longer-term dam
                     replacement. A spokesman for Bridgestone, said the results of the study validated the
                     company’s assertions that heat was shortening the lifespan of the bladders.

                  72. September 21, KCNC 4 Denver – (Colorado) Vandals cause big stink at Lakewood
                      Reservoir. Vandals caused a smelly problem in Lakewood, Colorado, after breaking an
                      outlet at a private reservoir. The Agricultural Ditch and Reservoir Company owns East
                      Reservoir near Kipling and Florida. It drained it so it can fix an outlet structure. That
                      left lots of dying carp. The pond should be full again in the next few days and the smell
                      should be gone.

                  73. September 21, Associated Press – (Washington) Seattle to pay Pend Oreille County
                      $19M for dam. The city of Seattle, Washington will pay $19 million to Pend Oreille
                      County, Washington, over the next 10 years to relicense Boundary Dam, which
                      generates 40 percent of the power for Seattle City Light. The Seattle Times reports the
                      deal approved September 20 by the city council is a compromise to end a 2-year
                      dispute. Commissioners in the county in northeast Washington initially asked for $30
                      million. City Light offered about $15 million. About $3 million will go to help build a
                      school in Metaline Falls. Seattle built the dam 40 years ago on the Pend Oreille River.
                      The disagreement with the county had threatened to hold up the federal re-licensing

[Return to top]

                                                                                                            - 29 -
                DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily
Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site:

Contact Information
Content and Suggestions:                         Send mail to or contact the DHS
                                                 Daily Report Team at 703-872-2267
Subscribe to the Distribution List:              Visit the DHS Daily Open Source Infrastructure Report and follow
                                                 instructions to Get e-mail updates when this information changes.
Removal from Distribution List:                  Send mail to

Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at or visit
their Web page at

Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source

                                                                                                                    - 30 -

To top