Dharamart

05/06/2015

Whoever was behind the latest theft of personal data from US government computers, they appear to be following a new trend set by cybercriminals: targeting increasingly valuable medical records and personnel files. This data, experts say, is worth a lot more to cybercriminals than, say, credit card information. And the Office of Personnel Management (OPM) breach revealed on Thursday suggests cyberspies may now also be finding value in it.

Cyber investigators from iSight Partners said they had linked the OPM hack to earlier thefts of healthcare records from Anthem Inc, a health insurance company, and Premera Blue Cross, a healthcare services provider. Tens of millions of records may have been lost in those attacks.

All three breaches have one thing in common, said John Hultquist of Dallas-based iSight. While cyberespionage usually focuses on stealing commercial or government secrets, these attacks targeted personally identifiable information.

The stolen data "doesn't appear to have been monetised and the actors seem to have connections to cyberespionage activity", said Hultquist, adding that none of the data taken in the earlier attacks had turned up for sale on underground forums.

A source close the matter said, US authorities were looking into a possible China connection to the breach at OPM, which compromised the personal data of 4 million current and former federal employees. Several US states were already investigating a Chinese link to the Anthem attack in February, a person familiar with the matter has said.

China routinely denies involvement in hacking, and on Friday a spokesman for the Foreign Ministry in Beijing said suggestions it was involved in the OPM breach were "irresponsible and unscientific".

Hultquist said iSight could not confirm that China was behind the attacks, but similar methods, servers and habits of the hackers pointed to a single state-sponsored group.

BLACK MARKET FLOODED

Security researchers say that medical data and personnel records have become more valuable to cybercriminals than credit card data.

The price of stolen credit cards has fallen in online black markets, in part because massive breaches have spiked supply. "The market has been flooded," said Ben Ransford, co-founder of security start-up Virta Laboratories.

The result: medical information can be worth 10 times as much as a credit card number. Fraudsters use this data to create fake IDs to buy medical equipment or drugs that can be resold, or they combine a patient number with a false provider number and file made-up claims with insurers.

State-sponsored hackers may not be after money, but would also be interested in such data because they could then build a clearer picture of their target. That, said Philip Lieberman of security software company Lieberman Software, would increase the chances of any targeted email attack, or spear phish, successfully obtaining confidential data.

Others said that, given the data affected included job histories, those targets might be in other government departments. "It's likely this is less about money and more about gaining deeper access to other systems and agencies," said Mark Bower of HP Security Voltage, a data security company.

This interest in more granular data is pushing hackers of all stripes into more inventive ways of penetrating the defences of hospitals and other institutions holding such data. TrapX, a cybersecurity company, said it had discovered criminal gangs from Russia and China infecting medical devices such as X-Ray systems and blood gas analysers to find their way into servers from which they stole personnel and patient data. Other security researchers agreed this kind of attack was becoming more common.

Billy Rios, founder of security company Laconicly, said he had found infected systems while working with several healthcare organisations. "Clinical software is riddled with security vulnerabilities," he said.

A survey by think-tank the Ponemon Institute, issued last month said that more than 90% of healthcare organisations surveyed had lost data, most of it to hackers. "This is going to get worse before it gets better," said Carl Wright, of TrapX, which discovered the breaches via medical devices.

05/06/2015

Maggi’s entry into the Indian markets in the 1980s and its rapid success as an easy-to-cook snack are often cited as a management case study. Today, the company is battling a credibility crisis rocked by allegations that the much-loved product instant noodle contained seven-times the permissible level of lead.

On Friday, India's food regulator ordered the withdrawal of Maggi noodles from the market amid growing food safety concerns, dealing a fresh blow to manufacturer Nestle India which is struggling to contain the spiralling crisis that has knocked about 10% off its share price. Nestle bowed to pressure and announced late on Thursday an India-wide recall of the two-minute noodle.

The responses of the conservative Swiss company to the crisis, however, have left many management analysts baffled. Here’s a list of five things that Nestle India should have done, but didn’t.

PROTECT THE MASCOT: Every successful corporate story is mostly defined by a single brand that symbolises its character. Think Apple, think iPhones. Think Nestle India, think Maggi. Protecting the mascot’s reputation and credibility is non-negotiable.

Misstep #1 Nestle allowed its icon (Maggi) to be the target of a controversy that questioned its reputation. From a marketing standpoint guarding against such slip-ups figure high on DON’TS list.

CHOOSE THE RIGHT P: Product, pricing, promotion and packaging: the value of each P varies depending on the nature and intensity of the crisis. Product clearly stands out as the most important in most cases.

Misstep #2 You don’t need to be a marketing guru to tell you which P was important for Nestle. It’s the Product (Maggi), which the company should have attached the most value and significance.

http://www.hindustantimes.com/Images/popup/2015/6/maggi_popup.jpg
The controversy around the popular snack has assumed enormous proportions. (Reuters)

DRAFT A MEDIA PLAN: The language of credibility has a different grammar. Media-- mass and social-- plays the role of conjunction in this dialect. Grabbing eyeballs 24x7 is important.

Misstep #3 Being conservative is good, but not quite in a crisis involving its most iconic product. Reaching out proactively through media should have been the first boxes to tick in the To Do list. Avoiding media is a strict NO NO.

DON’T BE IN DENIAL: This is the age of class action suits and consumer activism, aided ably by real-time consumer activism. Conditional acceptance of allegations can work wonders in limiting potential damage.

Misstep #4 Nestle continues to remain in denial. Its argument: Maggi is safe. But an offer to recall or withdraw existing stocks from shop shelves immediately after the controversy broke out could have prevented things getting out of hand.

EDUCATE, EDUCATE, EDUCATE: Each brand has a soul and a distinct character. That’s what distinguishes a cult brand (say a Harley Davidson mobike) from an average brand. Constant education about the brand is a standard operating procedure to keep crisis at bay.

Misstep #5 Nestle’s representatives have been hardly seen either at retail stores or popular vends offering to clear the air. Neither has it come out with any unusual videos or campaigns to educate loyal patrons.

05/06/2015

Prime Minister Narendra Modi's image featured in top 10 criminals of the world in Google search engine on Wednesday. Though the internet giant issued a statement, apologising for 'any confusion or misunderstanding', but the image continued to appear in the search till late in the night.

"These results trouble us and are not reflective of the opinions of Google. Sometimes, the way images are described on the internet can yield surprising results to specific queries. We apologise for any confusion or misunderstanding this has caused. We're continually working to improve our algorithms to prevent unexpected results like this," a Google spokesperson said in a statement.

Google said that results to the query "top 10 criminals in india" was due to a British daily which had an image of Modi and erroneous metadata.

It said that in this case, the image search results were drawn from multiple news articles with images of Modi, covering the prime minister's statements with regard to politicians with criminal backgrounds, but added that the news articles do not link Modi to criminal activity, and the words just appeared in close proximity to each other.

PM Modi's image appeared along with those of underworld don Dawood Ibrahim, slain al-Qaeda chief Osama bin Laden, Hafiz Sayeed, and Ayman al-Zawahiri among others.

05/06/2015

03/08/2014

Here is the complete list of switches for DIR
DIR [drive:][path][filename] [/A[[:]attributes]] [/B] [/C] [/D] [/L] [/N]
[/O[[:]sortorder]] [/P] [/Q] [/S] [/T[[:]timefield]] [/W] [/X] [/4]

[drive:][path][filename]
Specifies drive, directory, and/or files to list.

/A Displays files with specified attributes.
attributes D Directories R Read-only files
H Hidden files A Files ready for archiving
S System files - Prefix meaning not
/B Uses bare format (no heading information or summary).
/C Display the thousand separator in file sizes. This is the
default. Use /-C to disable display of separator.
/D Same as wide but files are list sorted by column.
/L Uses lowercase.
/N New long list format where filenames are on the far right.
/O List by files in sorted order.
sortorder N By name (alphabetic) S By size (smallest first)
E By extension (alphabetic) D By date/time (oldest first)
G Group directories first - Prefix to reverse order
/P Pauses after each screenful of information.
/Q Display the owner of the file.
/S Displays files in specified directory and all subdirectories.
/T Controls which time field displayed or used for sorting
timefield C Creation
A Last Access
W Last Written
/W Uses wide list format.
/X This displays the short names generated for non-8dot3 file
names. The format is that of /N with the short name inserted
before the long name. If no short name is present, blanks are
displayed in its place.
/4 Displays four-digit years

03/08/2014

DIR *.DWG /s /b > "C:/Program Files/Hurricane/DATA/DWGTest.LST"