Cyber threats May 28, 2012

7. May 29, Nextgov – (National) UK researchers discover backdoor in American military chip. United Kingdom (U.K.)-based security researchers found a backdoor “deliberately” inserted into an American military chip to help attackers gain unauthorized access and reprogram its memory, according to a draft research paper. A researcher at Cambridge University discovered a military-grade silicon device made by California-based Microsemi Corp., the ProASIC3 A3P250, contained a glitch that would allow individuals to remotely tweak its functions. He collaborated with a researcher at U.K.-based Quo Vadis Labs, which researches sensor technology, and found “proof that the backdoor was deliberately inserted and even used as a part of the overall security scheme.” The duo did not disclose details, citing a “confidentiality agreement.” The backdoor is “close to impossible to fix on chips already deployed” because software patches cannot fix the bugs. The holes can only be removed by removing all such chips installed in systems, the duo said. Microsemi’s aggregate net sales to defense and security users represented about 29 percent of total net sales in 2012, according to its most recent quarterly regulatory filing. The device in question is “heavily marketed to the military and industry,” the draft report states. Source: http://www.nextgov.com/defense/2012/05/uk-researchers-discover-backdoor-american-military-chip/55949/

 

Information Technology Sector

38. May 29, Homeland Security News Wire – (International) Malware intelligence system allow organizations to share threat information. As malware threats expand into new domains and increasingly focus on industrial espionage, Georgia Tech researchers are launching a new tool to help battle the threats: a malware intelligence system that will help corporate and government security officials share information about the attacks they are fighting. A Georgia Tech news release reports the system, known as Titan, will be at the center of a security community which will help create safety in numbers as companies large and small add their threat data to a knowledge base that will be shared with all participants. Operated by security specialists at the Georgia Tech Research Institute, the system builds on a threat analysis foundation — including a malware repository that analyzes and classifies an average of 100,000 pieces of malicious code each day. Source: http://www.homelandsecuritynewswire.com/dr20120529-malware-intelligence-system-allow-organizations-to-share-threat-information

 

39. May 28, IDG News Service – (International) Researchers identify Stuxnet-like malware called ‘Flame’. A new, highly sophisticated malware threat predominantly used in cyberespionage attacks against targets in the Middle East was identified and analyzed by researchers from several security companies and organizations. According to the Iranian Computer Emergency Response Team, the new piece of malware might

 

be responsible for recent data loss incidents in Iran. Flame, as the Kaspersky researchers call it, is a very large attack toolkit with many individual modules. It can perform a variety of malicious actions, most of which are related to data theft and cyberespionage. Among other things, it can use a computer’s microphone to record conversations, take screenshots of particular applications when in use, record keystrokes, sniff network traffic, and communicate with nearby Bluetooth devices. One of the toolkit’s first versions was likely created in 2010 and its functionality was later extended by leveraging its modular architecture, said a chief malware expert at Kaspersky Lab. Flame spreads to other computers by copying itself to portable USB devices and also by exploiting a now-patched Microsoft Windows printer vulnerability that was also leveraged by Stuxnet. Source: http://www.computerworld.com/s/article/9227524/Researchers_identify_Stuxnet_like_malware_called_Flame

 

40. May 28, H Security – (International) Critical hole in Seagate BlackArmor NAS. Seagate’s BlackArmor NAS server is vulnerable to having its administrative password reset by anyone with access to it and a particular URL. The BlackArmor range of network-attached storage devices is aimed at small businesses and offers storage and backup options from Windows PCs and Mac OS X systems, ranging from 1TB to 12TB of hard disk media. The problem, documented by the U.S. Computer Emergency Readiness Team, involves an unauthenticated attack directly accessing an address where they will be given the opportunity to reset the device’s administrator password. There is no current solution to the problem. Source: http://www.h-online.com/security/news/item/Critical-hole-in-Seagate-BlackArmor-NAS-1585283.html

 

 

Internet Alert Dashboard

To report cyber infrastructure incidents or to request information, please contact US-CERT at sos@us-cert.gov or visit their Web site: http://www.us-cert.gov Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and Analysis Center) Web site: https://www.it-isac.org [Return to top]

  

 

text size: TT

In three years 700 Dominican Republic cops accused in drug cases including head of port security

By EZEQUIEL ABIU LOPEZ

SANTO DOMINGO, Dominican Republic

Three high-ranking police officials in the Dominican Republic have been accused of providing security to drug traffickers, marking the latest public corruption case to hit the Caribbean nation as it tries to clean up its military and police.

The officials worked for the National Drug Control Agency and were arrested alongside four men allegedly waiting for a drug shipment bound for Puerto Rico, agency chief Rolando Rosado said Thursday.

The officials have been suspended from their jobs as have others who have been charged in drug-fueled corruption cases that have resulted in dozens of arrests and dismissals in recent years.

"It's a serious situation," said Tulio Castanos, vice president of the Institutional Justice Foundation, a non-governmental group that is helping the government design and implement police department reforms. "The people have lost faith in the police."

The Dominican Republic has a national police force of 32,000 officers and a military with 65,000 members, for a country of about 9 million people.

Since 2009, more than 700 agents with the National Drug Control Agency, a combination of police officers and military personnel on loan, have been removed for a variety of crimes, according to government statistics. Of those, 200 were suspected of involvement in drug trafficking.

Meanwhile, the national police force has expelled about 1,400 officers since 2010 for a variety of alleged crimes, including ties to drug trafficking, spokesman Maximo Baez said.

Members of the police and all branches of the military have become ensnared in drug investigations, including a recent one involving a navy officer in charge of port security accused of attempting to smuggle more than 800 kilograms (1,760 pounds) of cocaine to Spain on board a cargo vessel.

In another case, nearly 20 officials, the majority with the navy, were accused in 2008 of killing seven Colombian drug traffickers to steal 1.3 tons (1.18 metric tons) of cocaine. Five of those officials were sentenced to 30 years in prison, while three others received 20-year sentences.

So far this year, authorities have confiscated more than 4 tons (3.6 metric tons) of cocaine. They seized nearly 7 tons (6 metric tons) during all of 2011.

"The biggest concern is that in almost every seizure, officials were implicated," according to a report by Citizen Involvement, a non-governmental organization that tracks corruption allegations in the Dominican Republic.

The government is now requiring members of the police and armed forces to pass polygraph and background tests. In addition, internal affairs units are regularly investigating corruption allegations and handing out punishments, which has been increasing along with the country's role as a stepping stone for cocaine and other drugs bound for the U.S. and Europe.

The government's attempt to address the situation comes amid growing concerns among Dominicans about the way drug trafficking has seemed to take a central role in the country.

But there is also pressure from the U.S., which was critical of Dominican anti-drug efforts in its annual 2012 trafficking report.

In a 2009 diplomatic cable obtained by WikiLeaks and other organizations, the U.S. Embassy in the Dominican Republic noted the country had an "embarrassing" drug seizure rate and cited a lack of resources for law enforcement and infiltration of the armed forces by criminal organizations.

Former President Leonel Fernandez and others also have cited low salaries, typically around $155 a month for police officers, as a long-standing problem that may be a factor in some corruption cases.

Complaints that police and military officials demand payment from drug traffickers to operate in certain neighborhoods are common, said Manuel Maria Mercedes, president of the National Commission of Human Rights.

Payments can range from $125 a week in poor communities to more than $1,000 a week for drug-distribution points in popular tourist regions, and shootouts ensue if they fail to pay, he said.

"Hundreds of citizens have lost their lives this way," he said.

 

The impending return of the PRI to power and what it means for business in Mexico

 

 

 

Despite ruling country for 71 years between 1929-2000, Mexico’s Partido Revolucionario Institucional (PRI) has been out of power for almost 12 years and has only recently regained its footing in national politics.

 

The right-of-center Partido Acción Nacional (PAN) has been at the helm since taking over the presidency in 2000 in what was declared to be Mexico’s first democratic elections. While the PAN has been in power for two consecutive terms, first under Vicente Fox Quesada (2000-2006) and then under Felipe Calderón Hinojosa (2006-2012), Mexico’s Presidency is likely to revert back to the PRI in this year’s presidential elections.

 

The PRI’s candidate, Enrique Peña Nieto, a former Governor of the State of Mexico, is the clear favorite among the top three contenders, and the election is his to lose. How did the PRI regain prominence after over a decade out of power and what would a return to the presidency mean for the country and the economy?

 

The resurgence of the PRI under Enrique Peña Nieto

The prospects of the PRI’s return to power in July’s presidential elections has as much to do with the erosion of support for the other two main parties—the PAN and the leftist Partido de la Revolución Democrática (PRD)—as it does with the strong candidacy of Enrique Peña Nieto.

 

The erosion of support for the ruling PAN party

In the case of the PAN, there is an overall feeling of disappointment in the way the party has led the country for the past 12 years. Mr. Fox, whose campaign promised a "government of change," was in effect a lame-duck president who lacked the ability and political shrewdness to pass Mexico’s most needed structural reforms, which languished in the opposition-controlled Congress. Mr. Calderón scraped into office on the narrowest of margins in what remains a highly controversial election against his then-rival, Andrés Manuel López Obrador of the PRD. Calderón chose to focus his term on the fight against organized crime, and has been highly criticized for his administration’s tactics against the country’s principal drug cartels, which have yielded mixed results at best and have coincided with a rise in violence in several parts of the country (not to mention a significantly higher death toll than in years past, which has included many civilians).

 

The growing feeling of insecurity within the country has been compounded by a perceived increase in poverty and unemployment. And while nominal GDP growth reached 4% in 2011, Mexico needs much faster growth to absorb the sizeable number of unemployed workers and new job applicants entering the labor market every year—not to mention to make a dent in the sizeable informal sector. Moreover, the Calderón administration has been equally as unsuccessful in passing key reforms Mexico depends on to grow at its full potential and enhance its economic and business environment, mainly due to a lack of consensus among parties and the PAN’s lack of congressional majority.

 

Stalled reforms include, among others, much-needed changes to the tax system (to broaden the tax base and reduce reliance on PEMEX for government revenue); labor markets (to ease expansion and contraction of the labor force and reduce the influence of certain unions); the energy sector (to enable PEMEX to operate like a business and collaborate with private-sector firms); market competitiveness (to reduce the influence of monopolies and remedy critical skills shortages); and law enforcement (to improve the professionalization of the police, prison, and court systems in particular). As a result, it is unlikely that Josefina Vazquez Mota, the PAN candidate, will be able to keep her party in Los Pinos.

 

The decline of López Obrador

Meanwhile, Mr. López Obrador returns as the candidate for Mexico’s PRD. While Mr. López Obrador is a formidable campaigner and has traveled extensively across the country to canvas support for his candidacy after being declared the runner-up in 2006, his chances of getting elected this time around remain slim. He lost much goodwill and political capital with his harsh reaction to losing the 2006 election—which included condoning the takeover and organized sitin on Mexico City’s Paseo de la Reforma (one of the capital’s most prestigious and symbolic avenues) with paid protestors for over a month, and declaring himself the “legitimate president” in defiance of Calderón’s swearing-in as the new head of state. His actions at the time left him looking a like a sore loser and compromised political figure in the eyes of swing voters—a key electoral constituency in the upcoming vote (comprising an estimated 20% of voting-age adults in the latest polls). Furthermore, while Mr. López Obrador has recently—and somewhat belatedly—begun courting the private sector and key business leaders, many question how some of his political promises will withstand economic scrutiny and the pressure to honor longstanding trading relationships and open market principles.

 

The rise of Peña Nieto

In contrast to the relative weakness of the PRD and PAN campaigns (which were the two leading parties who fought a neck-to neck race in 2006), The PRI has returned from the political wilderness with a strong, focused, and politically unified campaign centered around Enrique Peña Nieto as the sole, undisputed standard bearer of the party’s fortunes in the upcoming election. Bringing a rejuvenating face to the party that ran Mexico for over 70 years, Mr. Peña Nieto rose through the ranks of the PRI as the protégé of powerful party leaders, and has been groomed for high office ever since rising to prominence as Governor of Mexico State from 2005- 2011. Under the guidance of the PRI’s power brokers and the party elders he is aligned with, Mr. Peña Nieto has rallied other factions to his cause—in an unusual show of party unity—with the sole purpose of bringing the party back to power. Moreover, his staggering good looks, his marriage to a popular Mexican soap-opera actress, and his tightly scripted public appearances have made him into a celebrity public icon. His campaign staff quickly came to realize that these assets, combined with smart positioning of their candidate as the antidote to the general disappointment with the ruling PAN party, are the PRI’s best allies for a winning campaign.

 

So far, Mr. Peña Nieto has been shrewd about not making outlandish commitments; he remains at the top of the polls, with a 20-point lead over his nearest rival. Barring some dramatic missteps in the final 2-month stretch, he is likely to win by a significant margin. The question is, what will happen once the PRI returns to power? Can Mexico expect a return of old-school PRI politics or will Mr. Pena Nieto assert himself and chart a new course for the country?

 

 

What to expect under the PRI

That the PRI will return to power is not in and of itself indicative of the economic policies that a PRI administration would likely adopt for the coming six years. Indeed, no single economic philosophy defines the party: during its 71-year rule, the PRI—and the country—experienced a dramatic shift from left-wing, socialist economic orthodoxy to business-friendly, market-opening politics typically associated with right-of-center parties. President Lázaro Cárdenas del Río (in power from 1934-1940), for instance, promoted the nationalization of the oil industry and the creation of Petróleos de México (PEMEX)—the state-run oil company, which to this day still account`s for 33% of the federal government’s revenues. At the other end of the spectrum, President Carlos Salinas de Gortari (in office from1988-1994) promoted the privatization of state-run companies such as Teléfonos de México (Telmex) and the banking services, as well as Mexico’s entry into the North American Free Trade Agreement (NAFTA). That said, it must be noted that Mr. Peña Nieto is very close to Mr. Salinas de Gortari, who is commonly referred to as his political godfather, which may suggest he will remain aligned with the market-oriented policies of the former president (and his successors from both the PRI and the PAN in Los Pinos).

 

 

Policy areas likely to remain unchanged

Indeed, in many regards, a Peña Nieto administration would mean continuity for general economic conditions and the prevailing business environment:

•From the macroeconomic perspective, Mexico will likely experience continuity of its current policies, favoring a positive economic environment, low inflation rates, and an autonomous central bank.•As per foreign policy, the fight against organized crime and drug cartels would remain the center of bilateral relations between the United States and Mexico. The United States will remain Mexico’s leading trade partner, though Mr. Peña Nieto’s administration will likely seek to diversify exports, notably to other Latin American countries as well as China and Europe. He will rely on Mexico’s wide network of free trade agreements and will likely urge greater investment by China to facilitate the recovery of exports, especially as consumer demand strengthens in the United States. His administration will continue to reduce tariff and non-tariff barriers, but quotas will most likely persist for sensitive products such as clothing, footwear, the publishing industry, and agricultural products

 

.•Mexico will continue to have open policies towards foreign investment, especially in manufacturing. The financial services industry is likely to continue growing, attracting foreign direct investment, especially from private pension funds, as well as in debt and equity markets.

 

•While Mr. Peña Nieto recognizes the shortfalls of the education system, his administration would offer little-to-no prospect of substantive education reform, mainly because of the continued political clout of the powerful teachers’ union. The result will be continued skills shortages, favoring the proliferation of low-skill manufacturing jobs at the expense of R&D or other jobs requiring highly skilled workers.

 

•Mr. Peña Nieto also recognizes the need for comprehensive labor reform, and has campaigned for broadening social security, pensions, and unemployment insurance. However, his administration is unlikely to address such a politically sensitive reform.Select changes that could affect business

The more likely changes would likely come in select sectors and would be consistent with Mr. Peña Nieto’s previous priorities as Governor and representative of his ties to specific business interests:

 

•Infrastructure development will likely play a key role within Mr. Peña Nieto’s agenda, as his administration would seek to collaborate with private firms for the construction of multimodal infrastructure corridors, replicating an approach he widely used during his tenure as Governor.

 

•On the business front, Mr. Peña Nieto could well direct the competition commission to crack down on monopolistic practices, on the grounds that it will promote higher levels of competitiveness. Yet, in truth, his administration’s priorities in this regard would be dictated by his strong ties to select business interests. If he chooses to focus on breaking up monopolies, Mr. Peña Nieto will likely begin with an incremental liberalization of the telecommunications industry, which is currently dominated by TELMEX for landlines (80% market share) and Telcel for mobile lines (71% market share), but given his close ties to Televisa, the liberalization of media—and, specifically, television—markets will likely be a second-tier priority. It is unlikely that Mr. Peña Nieto will confront PEMEX; however, he may push for a greater degree of collaboration with foreign firms towards the end of his term (but only if he has sufficient political capital to warrant it).

 

•With regard to stimulating the business environment, there is good chance that Mr. Peña Nieto will press to reduce bureaucratic procedures for business startups, cutting back on red tape and promoting the expansion of fast-track schemes. This would be part of a more complete fiscal package that would seek to simplify the tax system, broaden the tax base, and place greater emphasis on VAT collection. Nevertheless, short-term tax collections will continue to rely on large companies and revenues from PEMEX.Continuity is more likely than dramatic change

 

The PRI is unlikely to secure a congressional majority within the next six years, which means that just like his two PAN predecessors, Mr. Peña Nieto will have to negotiate passage of key reform bills with opposition parties—most likely the PAN (especially on the economic front). Yet while the PAN may agree with some of these reforms on ideological grounds, the party may choose to obstruct Mr. Peña Nieto’s agenda on political grounds—just as the PRI itself has done repeatedly with presidents Calderón and Fox. The result would be further gridlock and watered down bills that Mexico can ill afford. Mr. Peña Nieto’s political maneuverability will be put to the test.

 

In general terms, should the PRI win the 2012 presidential elections on July 1st,

the next administration will hold more of the same for Mexico. Substantial changes in the business and economic environment will be slow to take hold. Nevertheless, “slow and steady” is sometimes welcome news, especially in a global market with high volatility.

 

 

 

Guillaume Corpart is the Managing Director of Americas Market Intelligence and a veteran of Latin American competitive intelligence and strategy consulting.

Deep Blue Sea to Give Up Its Secrets to Google

Posted by Robert K. Ackerman on 5/17/12 • Categorized as Event Coverage

 

The leading global search engine is turning its eye on two-thirds of the Earth’s surface and its underlying terrain, according to a leading official. Michael T. Jones, chief technology advocate for Google Ventures, told an audience at Joint Warfighting 2012 in Virginia Beach how two new endeavors will provide new information about the world’s oceans and their users.

Coming soon will be a Google Map function that tracks every ship in the world through their Automatic Identification System transponders. In a few weeks, two Google microsats will allow 1 billion users to follow ship passages around the world, including military vessels.

“I as a citizen can do this, but the entire Defense Department can’t do this,” Jones said of this low-cost situational awareness system.

Soon, the deepest parts of the ocean soon may be giving up their secrets. Google has built a small sonar buoy that is generating 5-centimeter imagery of the ocean floor in tests. As it passes over long-ignored parts of the world’s oceans, it will be imaging whatever lies on the bottom. This may include the wreckage of crashed reconnaissance satellites or disposed chemical warfare drums, for example.

This information would be available to anyone, and Google has opened a dialogue with the U.S. government about the sudden ubiquity of this kind of data. But that does not remove the threat of others taking the same approach. “If we were the Chinese government, we wouldn’t have that dialogue,” Jones points out. “If Google can do it, so can the Chinese, and they won’t have that dialogue.”

. House and Senate appropriators reject National Preparedness Grant Program proposal

By David Perera

Comment | Forward | Twitter | Facebook | LinkedIn

 

An Obama administration proposal to consolidate 16 state and local preparedness grant programs into one effort known as the National Preparedness Grant Program faces resistance from House and Senate appropriators. The House Appropriations Committee voted May 16 to reject the NPGP proposal, stating in a report (.pdf) accompanying its markup of the Homeland Security Department spending bill for the coming fiscal year that DHS first requires an implementing authorization law before it can move to consolidate grants. House lawmakers have been skeptical from the start of the NPGP proposal, while administration officials have argued that grant consolidation would result in better coordination of preparedness efforts. Local officials, too have criticized the consolidation proposal. The Senate Appropriations subcommittee on homeland security marked up May 15 its version of the fiscal 2013 DHS spending bill, also rejecting the consolidation proposal. In a statement, the Senate subcommittee said the president's February budget request failed to deliver "specific detail regarding how funds would be distributed" and also directed FEMA to attain an authorization statute. For more:

 

      

 

Information Technology Sector

29.

 

May 16, H Security – (International) Avira update fixes Service Pack bug. Avira said it resolved the problems caused by a Service Pack released for its Windows products earlier the week of May 14. Users are advised to trigger a manual update to download the fix. Once installed, the update should prevent the program from blocking legitimate Windows applications on systems running Avira. May 14, Avira released "Service Pack 0" for all of its Windows products. Once the update was installed, the "ProActiv" behavioral monitoring component in Avira Antivirus Premium 2012 and Avira Internet Security 2012 blocked the execution of essential programs and trusted system processes. Those affected by the problem need to update Avira manually; once the update is installed, the ProActiv module can be reactivated. Source: http://www.h-online.com/security/news/item/Avira-update-fixes-Service-Pack-bug-1576614.html 30. May 16, Computerworld – (International) Google releases Chrome 19, adds tab sync and patches 20 bugs. May 15, Google released Chrome 19, patching 20 vulnerabilities in the browser. Eight vulnerabilities were ranked "high," seven were marked "medium," and five were labeled "low." Seven of the vulnerabilities were described in Google’s brief advisory as "out-of-bounds" read or write flaws, a category of memory bugs where a function does not check that input does not exceed allocated buffers. Google paid bounties to six researchers for reporting nine vulnerabilities, including two not strictly within Chrome. The 11 remaining bugs were uncovered by Google’s own security team or were credited to Microsoft, or were not significant enough to rate a bounty. Source: http://www.computerworld.com/s/article/9227196/Google_releases_Chrome_19_adds_tab_sync_and_patches_20_bugs 31. May 16, H Security – (International) QuickTime for Windows update plugs security holes.

Version 7.7.2 of QuickTime for Windows was released to address 17 security vulnerabilities in the media player. According to Apple, these include integer, stack, and buffer overflows, as well as memory corruption issues, all of which could be could exploited by an attacker to crash the application or execute arbitrary code on a victim’s system. For an attack to be successful, a user must first open a malicious Web site or a specially crafted file. The company notes that, on Mac OS X, many of the holes were

- 13 -

already fixed in Mac OS X 10.7.3 and 10.7.4 Lion, and Security Updates 2012-001 and 2012-002 for Mac OS X 10.6.8 Snow Leopard systems. A majority of these vulnerabilities were discovered by members of TippingPoint’s Zero Day Initiative. Source: http://www.h-online.com/security/news/item/QuickTime-for-Windows-update-plugs-security-holes-1576777.html 32.

 

May 16, Softpedia – (International) High-ranked sites blacklisted by Google after being hijacked. Zscaler experts scanned the first 1 million Web sites found in Alexa’s top listings and found 621 of them are blacklisted by Google, even though some of them are legitimate Web sites visited by numerous users every day. How can a legitimate Web site get on the Google Safe Browsing list? For instance, subtitleseeker(dot)com, a Web site that offers subtitles for movies and TV shows, is ranked 6,239. The site is not malicious in any way, though Google still cataloged it as such once it detected abnormal activity on it. According to Zscaler, Subtitle Seeker was compromised and altered to host a malicious JavaScript. Other examples include sites that promote "work from home" scams, adult content, and fake antivirus software, but the majority of them were altered to push malicious PDF files, adware, and other types of malware. Some sites were blacklisted because they were found to contain iframes and JavaScripts with malicious intent. Source: http://news.softpedia.com/news/High-Ranked-Sites-Blacklisted-by-Google-After-Being-Hijacked-269879.shtml 33. May 15, The Register – (International) Scammers exploit wannabe demon-slayers hyped by Diablo III. Cybercriminals targeted the release of Diablo III, May 14, with scams themed around the widely anticipated video game. Blizzard’s games systems collapsed due to the higher than expected demand for the game, the London Guardian reported. The software company is attempting to stop pirates from stealing the new role-playing game by forcing users to log into its servers before they can start playing it. This created a bottleneck centered around log-in systems at Blizzard, which struggled to service demand. Technical glitches were an unexpected bonus for scammers, who launched scams featuring the promotion of bogus crack and key-gen sites. These fake sites might potentially be more attractive than they normally would be as gamers struggle to acquire legitimate content through regular channels. Some of the scam sites GFI Software identified included supposed online key purchasing sites that actually install malicious software. Other spam Diablo III-themed links collated by the security firm lead to unrelated flash games, spam linkdumps, and a "donation experiment" where installs of the software offered enter targets into a supposed prize draw giveaway. These various scams are being promoted through the Web at large and social media Web sites, including Facebook and Pinterest. Source: http://www.theregister.co.uk/2012/05/15/diablo_3_scams/ 34. May 15, Help Net Security – (International) Pinterest scam toolkits widen the pool of potential scammers.

Pinterest scam toolkits are available for sale to inexperienced scammers, according to McAfee. Usually sold on underground forums, these toolkits contain many tools. All actions needed to scam users are included and automated: creating Pinterest invites and mass comments on posts, mass creation of bit.ly links, and scraping Amazon for products based on given keywords and then submitting them

- 14 -

to Pinterest. Pinterest scams usually work by luring people in with offers of free gift cards, and the offered links land them either on sites hosting survey scams, on Amazon or other sites (which results in the scammers earning money by referral), or lead them to premium rate trojans (if the Pinterest visitor uses a mobile device to visit the site). Source: http://www.net-security.org/secworld.php?id=12931&utm 35.

 

May 15, IDG News Service – (International) Wikipedia warns users about malware injecting ads into its pages. Visitors to Wikipedia who see advertisements on the site have most likely fallen victim to a browser-based malware infection, Wikimedia Foundation, the organization operating the Web site, said May 14. "We never run ads on Wikipedia," said the director of community advocacy for the Wikimedia Foundation. "If you’re seeing advertisements for a for-profit industry ... or anything but our fundraiser, then your Web browser has likely been infected with malware." One example of such malware is a rogue Google Chrome extension called "I want this," the director said. However, similar malicious add-ons might also exist for Mozilla Firefox, Internet Explorer, and other browsers, he said. This type of malicious software is known as click fraud malware and can target multiple Web sites at once. Source: http://www.computerworld.com/s/article/9227179/Wikipedia_warns_users_about_malware_injecting_ads_into_its_pages 36. May 15, Threatpost – (International) Stolen certificates found in malware possibly targeting Tibetan groups. The recent trend of attackers using stolen digital certificates to make their malicious executables look legitimate is continuing unabated, with researchers now having come across a series of variants of the Etchfro trojan that are using certificates taken from several companies and issued by VeriSign, Thawte, and other certificate authorities. After looking at recent examples of malware signed with stolen certificates, researchers at Norman ASA, a security firm in Norway, noticed there was an aberrant string in one specific optional field included in the stolen certificates. It is unclear what, if any, purpose the string serves, but Norman researchers started searching the company’s malware database, looking for other samples with the same string. The search yielded more than 20 samples with the same atypical string, and each of them included a stolen digital certificate. All of the malware samples, except one, was some version of the Etchfro trojan. The other one is a version of the Gh0st RAT tool. Source: http://threatpost.com/en_us/blogs/stolen-certificates-found-malware-possibly-targeting-tibetan-groups-051512 For more stories, see items 23 and

37

Internet Alert Dashboard

To report cyber infrastructure incidents or to request information, please contact US-CERT at

 

sos@us-cert.gov

or visit their Web site: http://www.us-cert.gov Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and Analysis Center) Web site: https://www.it-isac.org

 

    

 

Information Technology Sector

40.

 

May 15, Wired – (International) Popular surveillance cameras open to hackers, researcher says. Three of the most popular brands of closed-circuit surveillance cameras are sold with remote Internet access enabled by default, and with weak password security — a classic recipe for security failure that could allow hackers to remotely tap into the video feeds, according to new research. The cameras, used by banks, retailers, hotels, hospitals, and corporations, are often configured insecurely — thanks to these manufacturer default settings, said a senior security engineer at Gotham Digital Science. As a result, he says, attackers can seize control of systems to view live footage, archived footage, or control the direction and zoom of adjustable cameras. The researcher and his team were able to view footage as part of penetration tests they conducted for clients to uncover security vulnerabilities. Source: http://www.wired.com/threatlevel/2012/05/cctv-hack/ 41. May 15, The Register – (International) Apple scrubs old Leopards of Flashback trojan infections.

Apple released patches that defend users of its older Mac OS X 10.5 Leopard operating system against security threats. The May 14 security fixes help defend Mac users on the 2-year-old operating system against assaults by the Flashback trojan. Users of the newer Snow Leopard (10.6) and Lion (10.7) operating systems

- 16 -

received equivalent fixes in April. Apple’s Leopard Flashback Removal Security Update is designed to clean Macs running the legacy OS that are not yet running an anti-virus package. In addition, the security update disables Safari’s Java plugin by default. Leopard Security Update 2012-003 disables older versions of Adobe Flash Player, encouraging users to get the latest version directly from Adobe’s Web site. Both updates can be applied via the Software Update feature built into Mac OS X, but will only work if the latest version of that particular track of the operating system, Mac OS X Leopard version 10.5.8, has already been applied. Apple is acting to prevent users of legacy versions of its operating system from harboring the Flashback trojan. Such support is unlikely to continue indefinitely and is likely to disappear entirely once Apple updates Mac OS X 10.7 Lion. Source: http://www.theregister.co.uk/2012/05/15/mac_leopard_security_update/ 42.

 

May 15, Softpedia – (International) ‘How to Earn Money’ apps hide fraud trojan. Cybercriminals are starting to focus their attention on scams that advertise methods and products that rely on applications. Experts from Bitdefender discovered a piece of software called "How to Earn Money," which can allegedly help users make cash without a hassle. In reality, the shady app hides malware, identified by Bitdefender as Trojan.Fraud.A. Once installed, the program places itself in the Program Files folder, it creates shortcuts, and starts pushing HTML pages that advertise a tool that can help users earn tens of thousands of dollars in just over a month. To gain possession of the tool, users must pay a fee of $37 or $47. Source: http://news.softpedia.com/news/How-to-Earn-Money-Apps-Hide-Fraud-Trojan-269618.shtml 43. May 15, H Security – (International) Fraunhofer Institute finds security vulnerabilites in cloud storage services. The Fraunhofer Institute for Secure Information Technology tested seven cloud storage service providers and published its results in a report. The authors of the report found vulnerabilities affecting registration and login, encryption, and shared access to data for several services. The study looked at CloudMe, CrashPlan, Dropbox, Mozy, TeamDrive, Ubuntu One, and Wuala. The functions examined by Fraunhofer were copying, backup, synchronization, and sharing. Only TeamDrive and Wuala offer all four of these features. CrashPlan and Mozy only offer a backup service — a service not offered by CloudMe, Dropbox, or Ubuntu One. Source: http://www.h-online.com/security/news/item/Fraunhofer-Institute-finds-security-vulnerabilites-in-cloud-storage-services-1575935.html 44. May 15, H Security – (International) Avira AV update hangs systems.

A faulty update for Avira’s paid-for anti-virus software blocks harmless processes and may, in some cases, stop computers from booting. The update results in the ProActiv behavioral monitoring component becoming oversensitive in treatment of executable files. According to user reports, ProActiv blocks trusted system processes such as cmd.exe, rundll32.exe, taskeng.exe, wuauclt.exe, dllhost.exe, iexplore.exe, notepad.exe, and regedit.exe. In some cases, this results in Windows failing to boot properly. It also appears to be blocking non-OS applications such as Microsoft Office, the Opera Web browser, and Google’s Updater. All versions that include the ProActiv monitoring component are affected, including Avira Antivirus Premium 2012 and the enterprise

- 17 -

version; only 32-bit systems are affected, as ProActiv does not currently support 64-bit operating system. Users who installed the update are advised to disable ProActiv. In a statement to the H’s associates at heise Security, Avira confirmed the problem and said developers are working on an automatic update to resolve the bug. The potential scale of the bug is huge — according to Avira, the faulty update was already downloaded more than 70 million times (this figure includes those running the free version of Avira which is not affected). The company stopped distributing the update. Source: http://www.h-online.com/security/news/item/Avira-AV-update-hangs-systems-1575974.html 45.

 

May 14, SecurityWeek – (International) Trend Micro reveals top document attack vectors from April.

Trend Micro researchers recently revealed just how prevalent the use of certain document types is among attackers. By far, the two most popular document formats for hackers targeting Microsoft Office software are Word and Excel files, which were used in a combined 90 percent of attacks on Microsoft Office in April. The biggest reason for this is that the two most reliable exploits used by hackers targeted CVE-2010-3333 and CVE-2012-0158, which are both Word vulnerabilities. Source: http://www.securityweek.com/trend-micro-reveals-top-document-attack-vectors-april For more stories, see

Written testimony of U.S. Coast Guard Commandant Admiral Robert Papp Jr. for a Senate Committee on Appropriations, Subcommittee on Homeland Security hearing addressing the President’s Fiscal Year 2013 budget request for the U.S. Coast Guard

Release Date: May 9, 2012

138 Dirksen

Introduction

Good morning Madam Chair and distinguished members of the Committee. Thank you for the continuing support you have shown to the men and women of the United States Coast Guard, including the funding provided in the Fiscal Year (FY) 2012 Consolidated Appropriations Act to recapitalize the aging fleet and sustain front-line operations.

This year marks our 222nd year of protecting Americans on the sea, America from threats delivered by the sea and the sea itself. Throughout this period, our unique authorities, capable assets and determined personnel have adapted to meet the Nation’s evolving maritime safety, security and stewardship needs. We are locally based, nationally deployed and globally connected.

I am here today to discuss the Coast Guard’s FY 2013 Budget Request. Before discussing the details of the request, I would like to take this opportunity to discuss some of the Coast Guard’s recent operational successes, our value and role in the Department of Homeland Security, and in service to the Nation.

Over the past year, Coast Guard men and women – Active Duty, Reserve, Civilian and Auxiliarists alike – continued to deliver premier service to the public. In the Midwest, Coast Guard Disaster Assistance Response Teams were among the first responders to residential areas impacted by severe flooding. In the Western Caribbean, Coast Guard Medium Endurance Cutters and Seagoing Buoy Tenders interdicted and supported the multi-agency recovery of Self- Propelled Semi-Submersible vessels. These “drug subs” are designed for one specific purpose – to deliver multi-ton loads of pure cocaine bound for our shores, streets and schools. While the use of drug subs is increasingly popular in the Eastern Pacific, these interdictions mark the first time we have encountered drug subs in the Western Caribbean. In the Arctic, the Coast Guard icebreaker HEALY and her crew broke their way through 800 miles of Bering Sea ice to enable the Motor Vessel Renda to deliver 1.3 million gallons of fuel to the 3,600 people of Nome, Alaska after extreme weather and ice formation precluded safe delivery of this vital commodity.

Last year, the Coast Guard responded to 20,510 Search and Rescue cases and saved over 3,800 lives; seized over 75 metric tons of cocaine and 18 metric tons of marijuana destined for the United States; seized 40 vessels, detained 191 suspected smugglers; conducted over 10,400 annual inspections of U.S. flagged vessels; conducted 6,200 marine casualty investigations; conducted more than 9,000 Port State Control and Security examinations on foreign flagged vessels; and responded to 3,000 pollution incidents.

I am pleased to advise you that the Coast Guard recently accepted delivery of the lead Sentinel Class Fast Response Cutter, the BERNARD C. WEBBER. Sixty years ago, on February 18, 1952, Boatswain's Mate First Class Webber and his three-man 36-foot motorized lifeboat crew rescued 32 souls, one by one, from the 503-foot Tank Vessel Pendleton after it broke in two in a Nor’easter off Cape Cod featuring 60-foot seas, 70-knot winds and blinding snow. Petty Officer Webber’s seamanship, courage and leadership serve as an enduring reminder of the Coast Guard’s value to the Nation.

The FY 2013 Budget represents a critical inflection point – the ships, boats and aircraft we are investing in today are vital to ensuring the Coast Guard remains ready to respond to maritime threats and hazards, well into the future. Indeed, these resources will not just shape, but in a large part will define the Coast Guard’s next fifty years of capability. We are also exercising resource and operational stewardship while simultaneously preparing for the future. We recently completed a review of doctrine, policy, and our operations and mission support structure to ensure we are focusing resources and forces where they are most needed. This prioritization is reflected in our FY 2013 budget submission, which focuses on balancing current operations with our need to recapitalize for the future. However, we must do so in a manner that sustains our capability to safeguard lives, protect the environment and facilitate safe and secure commerce throughout our Maritime Transportation System – a system which carries 95 percent of all U.S. foreign trade and accounts for nearly $700 billion of the U.S. gross domestic product and 51 million U.S. jobs.

The Coast Guard’s value and role: We protect those on the sea: leading responses to maritime disasters and threats, ensuring a safe and secure Maritime Transportation System, preventing incidents, and rescuing those in distress. We protect America from threats delivered by sea: enforcing laws and treaties, securing our ocean resources, and ensuring the integrity of our maritime domain from illegal activity. We protect the sea itself: regulating hazardous cargo transportation, holding responsible parties accountable for environmental damage and cleanup, and protecting living marine and natural resources.

 

FY 2013 Request

In recognition of the current fiscal environment, the Coast Guard’s FY 2013 Budget strikes the optimal balance between current operations and investment in future capability to sustain the Coast Guard’s ability to execute its missions, and address the most pressing operational requirements. This budget request includes investment in new assets which are critical to ensure the Coast Guard remains capable of carrying out its missions today and well into the future. Accordingly, the Coast Guard’s FY 2013 Budget priorities are to:

• Responsibly Rebuild the Coast Guard
• Efficiently Preserve Front-line Operations
• Strengthen Resource and Operational Stewardship
• Prepare for the Future

 

Highlights from our request are included in Appendix I.

The Coast Guard Cutter WAESCHE conducts at-sea refueling operations for the first time in the ship's history.

Responsibly Rebuild the Coast Guard
The Coast Guard continues to focus resources on recapitalizing cutters, boats, aircraft, and Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance systems, critical to sustaining the ability to accomplish missions well into the future. This budget request fully funds the sixth National Security Cutter, strengthening the Coast Guard’s long-term major cutter recapitalization effort to replace its aged, obsolete High Endurance Cutter fleet as quickly as possible. The FY 2013 investments are critical to replacing and sustaining aging in-service assets, and are key to maintaining future capability.

Efficiently Preserve Front-line Operations
To ensure the Coast Guard remains ready to meet the Nation’s safety and security requirements, the FY 2013 Budget request provides a balance between sustaining front-line operational capacity and rebuilding the Coast Guard. The FY 2013 Budget provides funding to operate and maintain Coast Guard assets and sustain essential front-line operations. Key investments include funding the operation of new assets delivered through acquisition programs and investment in military workforce pay and benefits.

Strengthen Resource and Operational Stewardship
The FY 2013 Budget meets essential mission needs while simultaneously preparing for new and exigent demands. Through a comprehensive internal review of doctrine, policy, operations and mission support structure, the Coast Guard has focused resources and forces where they are most needed, while recognizing the current fiscal challenges. The FY 2013 budget also proposes administrative and programmatic reductions to improve efficiency and service delivery, while continuing investment in Coast Guard activities that provide the highest return on investment.

Prepare for the Future
The Coast Guard continuously identifies and prepares for emerging maritime threats facing the Service and the Nation. The FY 2013 Budget request recognizes the criticality of the Arctic as a strategic National priority, given increasing presence and interest by other Nations, the preponderance of natural resources available in this region, and increasing maritime commercial and recreational activity.

Conclusion

The role of the Coast Guard has never been more important. As we have done for well over two centuries, we remain “Always Ready” to meet the Nation’s ever-broadening maritime needs, supported by the FY 2013 request. I request your full support for the funding requested for the Coast Guard in the President’s FY 2013 Budget. Again, thank you for the opportunity to testify before you today. I am pleased to answer your questions.

Appendix I - Fiscal Year 2013 Budget Request

RESPONSIBLY REBUILD THE COAST GUARD

Surface Assets
$879.5M (0 FTE)

The budget provides $879.5 million for surface asset recapitalization and sustainment initiatives, including:

• National Security Cutter (NSC) – Provides production funding for the sixth NSC; NSCs will replace the aging fleet of High Endurance Cutters, first commissioned in 1967. The acquisition of NSC-6 is vital for performing DHS missions in the far off-shore regions, including the harsh operating environment of the Pacific Ocean and Bering Sea, as well as providing for robust homeland security contingency response.
• Fast Response Cutter (FRC) – Provides production funding to procure Fast Response Cutters (FRC) 19-20. These assets replace the aging fleet of 110-foot patrol boats, and provide the coastal capability to conduct Search and Rescue operations, enforce border security, interdict drugs, uphold immigration laws, prevent terrorism, and ensure resiliency to disasters. Hulls #17 - 20 will be procured in FY 2013 using FY 2012 and FY 2013 funds, maintaining FRC production at the current rate.
• Offshore Patrol Cutter (OPC) – Continues initial acquisition work and design of the OPC. The OPC will replace the Medium Endurance Cutter class to conduct missions on the high seas and coastal approaches.
• Medium Endurance Cutter (MEC) – Completes the Mission Effectiveness Program for the 270-foot MECs at the Coast Guard Yard.
• Survey and Design – Initiates survey and design work for a mid-life availability on the 175-foot Coastal Buoy Tender class.

Air Assets
$74.5M (0 FTE)

The budget provides $74.5 million for the following air asset recapitalization or enhancement initiatives, including:

• HC-144 – Funds production of the 18th HC-144A Maritime Patrol Aircraft. The HC-144A fleet will provide enhanced maritime surveillance and medium airlift capability over the legacy HU-25 aircraft that they replace. The HU-25s will all be removed from service by the end of their planned service life, in FY 2014.
• HH-65 – Funds sustainment of key components requiring recapitalization.

Asset Recapitalization – Other
$76.5M (0 FTE)

The budget provides $76.5 million for the following equipment and services:

• Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR) – Deploys standardized C4ISR capability to newly fielded NSCs, C-130s and MPAs, and develops C4ISR capability for other new assets.
• CG-Logistics Information Management System – Continues development and prototype deployment to Coast Guard operational assets and support facilities.
• Nationwide Automatic Identification System (NAIS) – Continues recapitalizing the existing interim NAIS system in 58 ports and 11 coastal areas by replacing it with the permanent solution design and technology via the core system upgrade.

Shore Units and Aids to Navigation (ATON)
$69.4M (0 FTE)

The budget provides $69.4 million to recapitalize shore infrastructure for safe, functional and modern shore facilities that effectively support Coast Guard assets and personnel:

• Station New York Boat Ramp – Constructs a boat ramp for launching small boats at Station New York, NY, for both the Station and Maritime Safety and Security Team New York.
• Air Station Barbers Point – Constructs an aircraft rinse rack facility to properly and effectively rinse C-130 aircraft at Air Station Barbers Point.
• Major Acquisition Systems Infrastructure – Commences construction of piers and support facilities for three FRC homeports; construction of an MPA training facility at Aviation Technical Training Center in Elizabeth City, NC; construction of MPA maintenance facility hangar at the Aviation Logistics Center at Elizabeth City, NC.
• ATON Infrastructure – Completes improvements to short-range aids and infrastructure to improve the safety of maritime transportation.

Personnel and Management
$117.4M (842 FTE)

The budget provides $117.4 million to provide pay and benefits for the Coast Guard’s acquisition workforce.

EFFICIENTLY PRESERVE FRONT-LINE OPERATIONS

Pay & Allowances
$88.9M (0 FTE)

The budget provides $88.9 million to fund the civilian pay raise and maintain parity of military pay, allowances, and health care with the DoD. As a branch of the Armed Forces of the United States, the Coast Guard is subject to the provisions of the National Defense Authorization Act, which includes pay and personnel benefits for the military workforce.

Annualization of Fiscal Year 2012
$54.2M (260 FTE)

The budget provides $54.2 million to continue critical FY 2012 initiatives.

Operating and Maintenance Funds for New Assets
$47.6M (139 FTE)

The budget provides a total of $47.6 million to fund operations and maintenance of shore facilities and cutters, boats, aircraft, and associated C4ISR subsystems delivered through acquisition efforts. Funding is requested for the following assets and systems:

• Shore Facilities – Funding for the operation and maintenance of shore facility projects scheduled for completion prior to FY 2013.
• Response Boat-Medium – Funding for operation and maintenance of 30 boats.
• Interagency Operations Center (IOC) – Funding for the operation and maintenance of the Watch Keeper system.
• Rescue 21 (R21) – Funding for the operation and maintenance of the R21 System in Sector Sault Ste. Marie and Sector Lake Michigan.
• FRC – Operating and maintenance funding for FRCs #8-9 and funding for crews #9-10. These assets will be homeported in Key West, FL. Funding is also requested for shore-side maintenance personnel needed to support FRCs.
• HC-144A MPA – Operating and maintenance funding for aircraft #14-15 and personnel funding to operate and support aircraft #15-16.
• Air Station Cape Cod Transition – Funding to complete a change in aircraft type allowance, and programmed utilization rates.
• Training Systems for Engineering Personnel – Funding to support NSC and FRC training requirements at Training Center Yorktown.
• HC-130H Flight Simulator Training – Funding to support aircraft simulator training for HC-130H pilots, flight engineers, and navigators.

St. Elizabeths Headquarters Consolidation
$24.5M (0 FTE)

Provides funding to support the Coast Guard’s relocation to the DHS consolidated headquarters at the St. Elizabeths Campus in Washington, DC. Funding supports the systematic move of equipment, employees, and work functions to the new headquarters location, beginning in the third quarter of FY 2013.

STRENGTHEN RESOURCE AND OPERATIONAL STEWARDSHIP

ASSET DECOMMISSIONINGS

In FY 2013, in addition to the planned decommissioning of legacy assets, the Coast Guard will make targeted operational reductions to prioritize front-line operational capacity and invest in critical recapitalization initiatives.

High Endurance Cutter (HEC) Decommissionings
-$16.8M (-241 FTE)

The Coast Guard will decommission the fourth and fifth of the original fleet of twelve HECs. With the average cutter age at 43 years, the HEC fleet has become increasingly difficult to maintain and sustain operationally. The decommissioning of two HECs is critical to support ongoing major cutter recapitalization efforts. National Security Cutters, including the sixth NSC which is fully funded by this budget request, replace the aging HEC fleet.

110-ft Island Class Patrol Boat Decommissionings
-$2.0 M (-35 FTE)

The Coast Guard will decommission three 110-ft patrol boats in FY 2013. The 110-ft patrol boats are being replaced by the FRC.

High Tempo High Maintenance Patrol Boat Operations
-$33.5M (-206 FTE)

The Coast Guard will terminate the High Tempo High Maintenance (HTHM) operations program that facilitates augmented operation of 8 in-service 110-foot patrol boats. Termination of this program coincides with commissioning of new FRCs which will mitigate this lost capacity.

Close Seasonal Air Facilities
-$5.2M (-34 FTE)

The Coast Guard will improve the efficiency of domestic air operations by closing Seasonal Air Facilities and realigning rotary wing capacity to provide three medium-range H-60 helicopters to the Great Lakes region to replace the H-65s currently in service. Due to limited demand for services and improved endurance from the H-60, the Coast Guard will discontinue operations at two seasonal Coast Guard Air Facilities at Muskegon, MI, and Waukegan, IL.

HU-25 Aircraft Retirements
-$5.5M (-20 FTE)

The Coast Guard will retire the three remaining HU-25 aircraft assigned to Coast Guard Air Station (CGAS) Cape Cod to allow for the transition to HC-144A aircraft. In FY 2013, the Coast Guard will deliver and place in full-operational status three HC-144A aircraft at CGAS Cape Cod.

MANAGEMENT EFFICIENCIES

The budget proposes administrative and programmatic efficiencies to improve service delivery, while continuing investment in Coast Guard activities that provide the highest return on investment.

DHS Enterprise-Wide Efficiencies
-$56.3M (-24 FTE)

The Coast Guard will seek efficiencies and cost reductions in the areas of IT infrastructure, government vehicles, professional services contracts, non-operational travel, GSA leases, permanent change of duty station relocation costs for military personnel, and logistics services by consolidating/centralizing functions in geographically concentrated areas.

Programmatic Reductions

In FY 2013, the Coast Guard will make targeted reductions in base program areas. These base adjustments recognize changes in requirements for selected activities and redirect resources toward higher-priorities, including critical recapitalization projects and essential frontline operations.

Headquarters Personnel and Support Reduction
-$12.7M (-131 FTE)

The Coast Guard will eliminate 222 Headquarters positions through attrition and implementation of a civilian hiring freeze in the Washington, D.C. area. This reduction preserves the Coast Guard’s critical capabilities to conduct front-line operations; mission support; and development and implementation of national policies and regulations.

Recruiting Program Reduction
-$9.8M (-39 FTE)

The Coast Guard will make reductions to the Recruiting program and Selective Reenlistment Bonuses, which are not needed based on the current employment outlook.

Other Targeted Program Reductions
-$6.2M (-62 FTE)

The Coast Guard will make targeted reductions to the Intelligence workforce, Organizational Performance Consultants, and non-reimbursable Detached Duty billets.

Targeted Operational Reductions
-$3.7M (-32 FTE)

Based on an internal review and assessment of operational risk, the Coast Guard proposes to make targeted operational reductions by reorganizing the international Mobile Training Team, consolidating PWCS Airborne Use of Force (AUF) capability at Elizabeth City, NC; and San Diego, CA, and eliminating the Vintage Vessel National Center of Expertise.

PREPARE FOR THE FUTURE

Polar Icebreaker
$8.0M* (0 FTE)

Initiates survey and design of a new Polar Icebreaker to ensure the Nation is able to maintain a surface presence in the Arctic well into the future.

Alaska Shore Facilities
$6.1M* (0 FTE)

Provides funding to recapitalize and expand helicopter hangar facilities in Cold Bay, AK, and recapitalize aviation re-fueling facilities at Sitkinak, AK. These investments will sustain the Coast Guard’s ability to establish effective presence in the Bering Sea and Aleutian Chain - the “gateway” to the Arctic.

* Note: Funding amounts within this section are included in totals listed within the Responsibly Rebuild the Coast Guard section.

Huge sunspots the size of the Earth warn of potential massive solar storms

Tue, May 8, 2012

 
To see where the earth, Mars, the sun and the Mars Solar Laboratory are in space and how much jeopardy each may face with these X class CME's, go to Marsnow.info.

 

Astronomers have observed a huge sunspot group on the surface of the sun, sized at more than 60,000 miles across, which might outbreak in a potentially hazardous solar storm.

From time to time, the sun spews huge energy releases called solar flares, which depending on their magnitude (the weakest are “C” class and the most powerful are “X” class) can cause radio blackouts and irremediable damage to satellites. Powerful sun flares are sometimes, however, joined by coronal mass ejections (CMEs) that cause geomagnetic storms on Earth. CMEs are what cause the beautiful northern and southern lights, or auroras, but they can also inflict catastrophic events. Coronal mass ejections are caused when the magnetic field in the sun’s atmosphere gets disrupted and then the plasma, the sun’s hot ionized gas, erupts and send charged particles into space.

If the geomagnetic storm caused by the CMEs is big enough, it can cause a damaging extra electrical current to flow through the grid. Some of you might remember the 1989 Quebec incident, when the whole city was blackout after the entire grid got fried, causing an estimate $2 billion Canadian in damage at the time. Besides blackouts, CMEs can also disrupt GPS signals and radio telecommunications.

Both CMEs and sun flares most often sprout from active regions around sunspots.

AR 1476, the huge sunspot complex I’ve mentioned earlier, might just be a birthplace for havoc. Another sunspot group, albeit smaller, called AR 1471, already erupted Monday evening with a M1 flare – one of the least powerful.

“With at least four dark cores larger than Earth, AR 1476 sprawls more than 100,000 km from end to end, and makes an easy target for backyard solar telescopes,” the website Spaceweather.com reported Monday.

The sun’s activity naturally lowers and increases in its 11-year cycle – towards the end of the cycle, like it’s the case currently, the sun is most active. The current cycle, known as  Solar Cycle 24, is set to peak in 2013.

CBP, EU Sign C-TPAT Mutual Recognition Decision

(Friday, May 04, 2012)

Washington — U.S. Customs and Border Protection (CBP) and the European Union (EU) signed today a Mutual Recognition Decision between CBP’s Customs-Trade Partnership Against Terrorism (C-TPAT) program and the EU’s Authorized Economic Operator (AEO) program.

U.S. Customs and Border Protection Acting Commissioner David V. Aguilar and European Union Taxation and Customs Union Directorate Director-General Heinz Zourek sign the Mutual Recognition Decision between CBP’s Customs-Trade Partnership Against Terrorism program and the EU’s Authorized Economic Operator Program. Photo Credit: Jim Tourtellotte

 

CBP Acting Commissioner David V. Aguilar and Director-General Heinz Zourek, European Union Taxation and Customs Union Directorate (TAXUD) signed the decision, which recognizes compatibility between the EU and the U.S. cargo security programs.

 

“I can look back with pride on the considerable work that was completed by CBP and TAXUD to make this effort come to fruition and that we always maintained the necessary focus on security throughout the process,” said Acting Commissioner Aguilar.

 

“Today's decision on the mutual recognition of the EU and U.S. trade partnership programmes is a win-win achievement: It will save time and money for trusted operators on both sides of the Atlantic while it will allow customs authorities to concentrate their resources on risky consignments and better facilitate legitimate trade,” said Director-General Zourek.

 

C-TPAT is a voluntary government-business initiative to build cooperative relationships that strengthen and improve overall international supply chain and U.S. border security. C-TPAT recognized that U.S. Customs and Border Protection can provide the highest level of cargo security only through close cooperation with the ultimate owners of the international supply chain such as importers, carriers, consolidators, licensed customs brokers, and manufacturers.

 

U.S. Customs and Border Protection is the unified border agency within the Department of Homeland Security charged with the management, control and protection of our nation's borders at and between the official ports of entry. CBP is charged with keeping terrorists and terrorist weapons out of the country while enforcing hundreds of U.S. laws.