Category / #IP2017

by PBCCleaks

Anatomy of a cyber-attack

It is hard to operate in cyberspace without leaving a trail. The September 25th cyber attack on deproxfraud.info, and whistleblower Richard Marsh’s personal Facebook, Google, Gmail, Twitter, Dropbox, Vimeo, WordPress, YouTube and Twitter accounts shows a particularly grubby set of fingerprints that the Norfolk CID will doubtless be familiar with…

Richard Marsh is resident in Saskatchewan, Canada, and has been since January 2017. Thus when social media sites detected “persons unknown” logging in to the administration areas of his websites and pages from locations in Norfolk UK, they automatically sent out Security Alert emails to the page or website owner.

From the flurry of security alerts received on the 25th and 26th September, an exact timeline of the hacker’s activity can be constructed. Note that the email times are for Saskatchewan, which is 7 hours behind the UK. The hacker started by illegally accessing Richard’s Twitter account at 20.33 from a location in King’s Lynn, Norfolk. This generated the security alert below at 13.33 Saskatchewan time.

fentiman hack

September 25th, 2017

13.33 Twitter new login from King’s Lynn, Norfolk

13.40 Facebook password reset

13.47 Twitter password reset

13.54 Twitter email address changed

14.34 WordPress (deproxfraud.info) email address changed

15.22 Vimeo account deleted

15.23 Gmail account security alert: Sign in from a Blackberry device in the UK

18.31 Dropbox account accessed from Terrington St. Clement, Norfolk

19.33 New email address “rubbish@sasktel.net” added to LinkedIn account

September 26th, 2017

01.58 Romer Photonics Company page removed from LinkedIn

05.16 Facebook account login from Whittlesford, UK

The directors of Hygiene Solutions Ltd and their partners in crime might like to contemplate the fate of young Gareth Crosskey, who was sentenced to a year in prison for hacking a Facebook Account.

fentiman hack facebook

by PBCCleaks

If you can’t beat them…

…cheat them!

Trials in real hospital environments present the most accurate and convincing measure of the comparative efficacy of the various area decontamination systems offered. Highly qualified microbiologists go to great lengths to ensure that both the environment in the rooms and the test organisms are matched as precisely as possible for the different systems being compared, and that the tests are as far as possible closely representative of genuine hospital situations.

It is obvious that these tests are only meaningful if the decontamination systems under test are also operated exactly as they would be in everyday use, i.e. using the same methods and timing as the manufacturer recommends.

Unfortunately, a small minority of manufacturers are prepared to abuse the trust of the scientific community, and deliberately move the goalposts to give their equipment an unfair advantage.

A recently published comparative test of the Surfacide versus the Ultra-V UV-C systems, conducted by the UCLH Clinical Microbiology Lab is a sad example of this deceitful and unfair practice. As might be expected of the UCLH, the preparation of the rooms and the microbiological testing was done carefully and thoroughly. The test however was sabotaged by Ultra-V manufacturer, Hygiene Solutions Ltd, who rather than operating their machine in line with their published procedures, instead took the following measures in an attempt to cheat the competition of a fair outcome:

  1. They extended the exposure time four fold, from the claimed 20 minutes to over 80 minutes.
  2. They repositioned the unit several times during each process – contrary to their published claim that the unit will decontaminate a whole room from a single central location.

The Surfacide system, meanwhile, was operated exactly as the manufacturer describes – without relocation, and with the exposure set by the integral measuring system.

In spite of this grossly unfair advantage, the Ultra-V still gave a significantly inferior performance to Surfacide – particularly in respect of C. difficile spores, where the following log reductions were obtained:

IPS Infection Prevention 2017 #IP2017 Ultra-V Surfacide C difficile

For C. difficile with low soiling, the Ultra-V in spite of its unfair advantages, averaged a log reduction of just 0.58 as compared with Surfacide which averaged a useful, if not dramatic, log 2.5.

What then would the results of a FAIR test have been? Or in other words, what can we expect the Ultra-V to achieve in real, everyday use? Numerous studies demonstrate that log reduction with time is essentially linear in the range of log 0 to 5. As Ultra-V is actually only used with a 20 minute rather than an 80 minute exposure, we can expect the log reductions in 20 minutes to be about 25% of the figures obtained in the test.

Replotting the bar graphs from the UCLH poster presentation gives the following comparison, which represents the real relative performance of the two systems:

IPS Infection Prevention 2017 #IP2017 Ultra-V Surfacide C difficile NHS.png

It is clear at a glance that for MRSA, and K. pneumoniae , Ultra-V averages well below log 2, and its efficacy against C. difficile is negligible. However, the Hygiene Solutions website boldly makes the following claim:

Ultra-V

Ultra-V 2.PNG

What independent research is referred to here? – Just ask Hygiene Solutions –  they will send you a copy of the sabotaged UCLH study analysed above…