Exclusive: Expert to warn Congress of Healthcare.gov security bugs

[EagleKeeper]

Kennedy, a former U.S. Marine Corps cyber-intelligence analyst, said his firm has prepared a 17-page report describing some of the problems. It does not go into specifics in some areas, he said, because that could provide criminals with a blueprint for launching attacks.

"There is a lot of stuff that we are not publicly disclosing because of the criticality of the findings," he said. "We don't want to hurt people."

Read the rest here:  http://www.reuters.com/article/2013/11/19/us-usa-healthcare-security-idUSBRE9AI0NR20131119?feedType=RSS&feedName=topNews&utm_source=dlvr.it&utm_medium=twitter&dlvrit=992637


I've seen reports that the site exposes its source code to whomever wants to look at it. If someone were able to do the same thing with the Federal Data Hub then it's all over but the crying.

[Happy Fun Ball]

The biggest problem with Obamacare is that it exists.

[NHSparky]

Read the rest here:  http://www.reuters.com/article/2013/11/19/us-usa-healthcare-security-idUSBRE9AI0NR20131119?feedType=RSS&feedName=topNews&utm_source=dlvr.it&utm_medium=twitter&dlvrit=992637


I've seen reports that the site exposes its source code to whomever wants to look at it. If someone were able to do the same thing with the Federal Data Hub then it's all over but the crying.

Frankly, I'd be surprised if a lot of sensitive government servers haven't been compromised for years.

[EagleKeeper]

Frankly, I'd be surprised if a lot of sensitive government servers haven't been compromised for years.

Your probably right Sparky but the Federal Data Hub was specifically constructed for Ocare and if it gets hacked it presents a "one stop shopping" opportunity.

You don't even need to enter your information into healthcare.gov, federal databases of the IRS, Homeland security, HHS, social security and treasury will be accessible from a single point.

The Obama administration and the democrats built specific infrastructure that enables access to all your personal information.

So...might as well sign up for Obamacare, what the heck.

[thundley4]

Your probably right Sparky but the Federal Data Hub was specifically constructed for Ocare and if it gets hacked it presents a "one stop shopping" opportunity.

You don't even need to enter your information into healthcare.gov, federal databases of the IRS, Homeland security, HHS, social security and treasury will be accessible from a single point.

The Obama administration and the democrats built specific infrastructure that enables access to all your personal information.

So...might as well sign up for Obamacare, what the heck.

You make it sound like Obamacare was designed to let foreign agents hack the US government.

[EagleKeeper]

 

As bad an idea as Ocare was it sure is entertaining.

I thiefed this from Ace. The whole thing is pretty good but the latest punch line comes in at 2:50.

60 to 70% of healthcare.gov still remains to be "built". Whelp...they got to the end of the month, better get crackin!

Edit: Allah caught something that I didn't, Chao tries to correct himself towards the end of the video stating that it's really 30 to 40 % of the backend that remains to be built.

Including the payment system.

[youtube=425,350]http://www.youtube.com/watch?feature=player_embedded&v=6WzE3naHcq4[/youtube]

[NHSparky]

Your probably right Sparky but the Federal Data Hub was specifically constructed for Ocare and if it gets hacked it presents a "one stop shopping" opportunity.

You don't even need to enter your information into healthcare.gov, federal databases of the IRS, Homeland security, HHS, social security and treasury will be accessible from a single point.

The Obama administration and the democrats built specific infrastructure that enables access to all your personal information.

So...might as well sign up for Obamacare, what the heck.

Skynet has become self-aware.

[zeitgeist]

Skynet has become self-aware.

Seen this one?

http://www.zdnet.com/government-agency-compromised-by-fake-facebook-hottie-7000022700/

Imagine that.   

[Dori]

They said that there have been 16 hack attacks on healthcare.gov.  One of today's experts said that most websites get 30 to 40 thousand a month, and that 16 hack attacks means that the program can't even tell that it's getting attacked. 

[EagleKeeper]

Conventional wisdom explains that the simplest target comes under the most fire.

[EagleKeeper]

The Department of Health and Human Services (HHS) has claimed that the hub is essential to verifying the eligibility of individuals for the subsidies offered through the exchanges. The Centers for Medicare and Medicaid Services (CMS) has insisted that no data will be stored in the hub, yet any computer science student would tell you the hub will be a magnet for hackers, creating inherent vulnerability and risk by connecting these seven interfaces.

HHS will have to store user information in their servers as Americans sign up at healthcare.gov. Should cyber hackers access this user information, they could access the rest of the databases the hub is connected to, defeating the encryption HHS assures will protect us. These potential vulnerabilities are a dream of faceless international hackers and hostile foreign intelligence services.

Read more here: http://www.usatoday.com/story/opinion/2013/10/10/obamacare-exchange-federal-data-hub-column/2958681/


A few takeaways...

1) The crying is done, I guarantee you that the federal data hub has been pwoned.

2) When it comes to blackhats Anonymous are amateurs, the real pro's work out of the "Russian Business Network", nadin it and live in fear.

3) I've said it before, since the Federal Data Hub went online it no longer matters if you go get your Ocare, your personnel info is in the wild.


Edit: One thing that I forgot to mention, when you hear success stories of the state exchanges you must keep in mind that the state exchanges must go through the federal healthcare.gov data hub...so.

[DLR Pyro]

I've seen reports that the site exposes its source code to whomever wants to look at it.

This must be the transparency obozo was crowing about during the first election.

[Bad Dog]

They said that there have been 16 hack attacks on healthcare.gov.  One of today's experts said that most websites get 30 to 40 thousand a month, and that 16 hack attacks means that the program can't even tell that it's getting attacked. 

One of the experts also said the low number might be true, citing the Willie Sutton quote (When asked why he robbed banks, Willie said because that's where the money is.).  No point in hacking the website until it's nice and full of data.

[JohnnyReb]

One of the experts also said the low number might be true, citing the Willie Sutton quote (When asked why he robbed banks, Willie said because that's where the money is.).  No point in hacking the website until it's nice and full of data.

Right now it's those that haven't been able to afford insurance....IE the poor. Next year, employer mandate,  when those with good jobs lose their health insurance....now we're talking targets.

[rich_t]

Read more here: http://www.usatoday.com/story/opinion/2013/10/10/obamacare-exchange-federal-data-hub-column/2958681/


A few takeaways...

1) The crying is done, I guarantee you that the federal data hub has been pwoned.

2) When it comes to blackhats Anonymous are amateurs, the real pro's work out of the "Russian Business Network", nadin it and live in fear.

3) I've said it before, since the Federal Data Hub went online it no longer matters if you go get your Ocare, your personnel info is in the wild.


Edit: One thing that I forgot to mention, when you hear success stories of the state exchanges you must keep in mind that the state exchanges must go through the federal healthcare.gov data hub...so.

Sounds like a good marketing campaign for Life Lock.