Malicious codes embedded in Obamacare software, intelligence warns

[Mr Mannn]

http://freebeacon.com/the-belarusian-connection/

The intelligence agencies notified the Department of Health and Human Services, the agency in charge of the Healthcare.gov network, about their concerns last week. Specifically, officials warned that programmers in Belarus, a former Soviet republic closely allied with Russia, were suspected of inserting malicious code that could be used for cyber attacks, according to U.S. officials familiar with the concerns.

The software links the millions of Americans who signed up for Obamacare to the federal government and more than 300 medical institutions and healthcare providers.

“The U.S. Affordable Care Act software was written in part in Belarus by software developers under state control, and that makes the software a potential target for cyber attacks,” one official said.

Cyber security officials said the potential threat to the U.S. healthcare data is compounded by what they said was an Internet data “hijacking” last year involving Belarusian state-controlled networks. The month-long diversion covertly rerouted massive amounts of U.S. Internet traffic to Belarus—a repressive dictatorship located between Russia, Poland, and Ukraine.

“Belarusian President [Alexander] Lukashenko’s authoritarian regime is closely allied with Russia and is adversarial toward the United States,” the official added.

Another reason to avoid Obamacare at all costs.
But the question remains...WHY outsource programing to an avowed enemy country for such an essential national program? And why act surprised when you get malicious software embedded?

This program ties into numerous US databases, not to mention hospitals and millions of private homes.

Is the govt really that stupid?

[thundley4]

This program ties into numerous US databases, not to mention hospitals and millions of private homes.

Is the govt really that stupid?

It's almost like Obama is purposefully doing every thing he can to destroy this country.

[DefiantSix]

It's almost like Obama is purposefully doing every thing he can to destroy this country.

It's Obama. Du-uh! 

[biersmythe]

http://freebeacon.com/the-belarusian-connection/
Another reason to avoid Obamacare at all costs.
But the question remains...WHY outsource programing to an avowed enemy country for such an essential national program? And why act surprised when you get malicious software embedded?

This program ties into numerous US databases, not to mention hospitals and millions of private homes.

Is the govt really that stupid?

Yes

[Dori]

Gosh...I've heard so many horrible stories about Obamacare lately.

Not just about the website itself,  but what people who have signed up for it are going through.

CONSUMERS STUCK WITH OBAMACARE ERRORS
Wrongly dumped into the Medicaid welfare program? Income listed incorrectly so you lose a subsidy? Premium costing you more than promised? Wrongly denied coverage? ObamaCare has an answer for you. Print out a seven-page form and mail it to a government contractor in Kentucky where… nothing will happen. The Washington Post reveals the nightmarish journey for ObamaCare enrollees who find the federal program has failed them, including some of the 22,000 people desperate enough to send their pleas off to Kentucky in hope of help.

http://washingtonexaminer.com/consumers-stuck-with-obamacare-errors/article/feed/2116451

[EagleKeeper]

I'll provide a counter point to this.

First of all, you don't require portions of the Healthcare.gov software to be written in Belarus to be compromised. Frankly, I don't buy this.

Second, CGI Federal, while being based in Canada and proven to being a fairly incompetent company on a number of occasions would not have any reason what so ever to have a need for Russian programmers. That would be more incompetent then I can attribute to them.

They don't even need it, the website was written so badly I think bad actors could inject code without even being associated with the project.

Think about it, they wrote it and stood it up after which it failed so badly that they were forced to begin swapping out entire blocks of code only to put that into production within hours.

Now when you understand that the site has never once, even to this day, been subjected to a true end to end security eval and having to frantically swap out code.

You don't even need a Russian component to the construction of this website, all they would have to do is sit back and take notice that it was melting down. Even without that it is destined to be challenged just because of the prize.  

[BlueStateSaint]

It's almost like Obama is purposefully doing every thing he can to destroy this country.

I think we have a winner.

[thundley4]

I'll provide a counter point to this.

First of all, you don't require portions of the Healthcare.gov software to be written in Belarus to be compromised. Frankly, I don't buy this.

Second, CGI Federal, while being based in Canada and proven to being a fairly incompetent company on a number of occasions would not have any reason what so ever to have a need for Russian programmers. That would be more incompetent then I can attribute to them.

They don't even need it, the website was written so badly I think bad actors could inject code without even being associated with the project.

Think about it, they wrote it and stood it up after which it failed so badly that they were forced to begin swapping out entire blocks of code only to put that into production within hours.

Now when you understand that the site has never once, even to this day, been subjected to a true end to end security eval and having to frantically swap out code.

You don't even need a Russian component to the construction of this website, all they would have to do is sit back and take notice that it was melting down. Even without that it is destined to be challenged just because of the prize.  

CGI Federal may not have written all the code. They used some that was prewritten by others. I happened to remember this little kerfuffle from a while back.

CGI had used some open source code, but violated the copyright of that code by leaving out  the attribution to the creator of the code.

http://www.inquisitr.com/1005887/healthcare-gov-fixes-copyright-violation-from-open-source-code/

The U.S. government, specifically the Obama administration, has come under fire for faults in the Healthcare.gov website. One of the lesser known issues is a simple copyright violation based on an open-source piece of code.

According to an official at the Centers for Medicare and Medicaid Services, the error was not intentional and has been corrected.

A recent report by outside investigators found that part of the code used to build Healthcare.gov was taken from another project without proper use.

If CGI was not above lifting some open source code, why wouldn't they farm out some aspects of the coding to other firms?