security

Hacking expert cracked Healthcare.gov in four minutes

Friday, January 31, 2014 by: J. D. Heyes
Tags: Healthcare.gov, hacking expert, Obamacare

eTrust Pro Certified

Most Viewed Articles
Popular on Facebook
BACK INTO THE CLOSET: Why U.S. reporters are not allowed to write about rainbow events in nations where being gay is still condemned
Depopulation test run? 75% of children who received vaccines in Mexican town now dead or hospitalized
INVESTIGATION: Three days before Dr. Bradstreet was found dead in a river, U.S. govt. agents raided his research facility to seize a breakthrough cancer treatment called GcMAF
A family destroyed: Six-month-old dies after clinic injects baby with 13 vaccines at once without mother's informed consent
BOMBSHELL: China and America already at war: Tianjin explosion carried out by Pentagon space weapon in retaliation for Yuan currency devaluation... Military helicopters now patrolling Beijing
Companies begin planting microchips under employees' skin
BAM! Chipotle goes 100% non-GMO; flatly rejecting the biotech industry and its toxic food ingredients
ECONOMIC SLAVERY FOR ALL: While we were distracted with the Confederate flag flap, Congress quietly forfeited our entire economic future via fast-track trade authority
McDonald's in global profit free fall as people everywhere increasingly reject chemically-altered toxic fast food
March Against Monsanto explodes globally... World citizens stage massive protests across 38 countries, 428 cities... mainstream media pretends it never happened
SCOTUS same-sex marriage decision may have just legalized the concealed carry of loaded firearms across all 50 states, nullifying gun laws everywhere
Vicious attack on Dr. Oz actually waged by biotech mafia; plot to destroy Oz launched after episode on glyphosate toxicity went viral
Nearly every mass shooting in the last 20 years shares one surprising thing? and it's not guns
Holistic cancer treatment pioneer Dr. Nicholas Gonzalez dies suddenly; patients mourn the loss of a compassionate, innovative doctor who helped thousands heal from cancer
Wild eyes and bowl cuts: Why do mass shooters always share the same hair styles and crazed zombie stares?
Genetically white woman now claims self-identify as black: If you can choose your gender, can you also choose your race? What about your species? Can a human claim to be a llama?
Mind control through emotional domination: How we're all being manipulated by the "crisis of the NOW"
Costco stops selling antibiotic laden chicken in response to consumer demand
Delicious
(NaturalNews) The news just keeps getting worse for Obamacare, as evidenced by new revelations that the glitch-prone and incomplete federal online exchange, Healthcare.gov, isn't even secure enough to use.

That's the diagnosis of one of the country's top "white hat" hackers - hack specialists who work for the good guys testing the security of government and corporate websites.

Just last week, David Kennedy appeared before a congressional committee to discuss the security lapses inherent in the Healthcare.gov website. On Sunday, Kennedy appeared on Fox News to explain just how easy it was for a hacker to break into the site, as reported by The Washington Times (and, sadly, too few other media outlets):

Hacking expert David Kennedy told Fox's Chris Wallace that he determined he could gain access to 70,000 personal records of Obamacare enrollees via HealthCare.gov within about 4 minutes - and it required nothing more than a standard browser....

But the government says the site is just fine

"And 70,000 was just one of the numbers that I was able to go up to and I stopped after that," he said. "You know, I'm sure it's hundreds of thousands, if not more, and it was done within about a 4 minute timeframe. So, it's just wide open."

"You can literally just open up your browser, go to this, and extract all this information without actually having to hack the website itself," he said.

Government officials with the Department of Health and Human Services, which is responsible for the website and for implementing the vast bureaucracy that is Obamacare, have said recently that the site is secure and that fixes to it have enabled users to input their data without fear of having it stolen.

In a separate, recent appearance before the House Oversight Committee, Healthcare.gov security official Teresa Fryer, chief information security officer for the Centers for Medicare and Medicaid Services, said when the site first launched in October she was less certain about its security. Since then, however, she says improvements have been made.

"Given the positive results of the recent security control assessments... I would recommend [Healthcare.gov] be given a new authority to operate" when the current ATO - a document required for Healthcare.gov's launch - expires. She went on to say that, while no one can "guarantee any system is hack-proof," "the protections we have put in place have successfully prevented attacks."

Oversight committee chairman Rep. Darrell Issa, R-Calif., voiced skepticism. He said, given all of the problems the site has had, it is "still questionable in its security."

As reported by CBS News:

The risk of vulnerabilities on the health care website is very serious, the congressman said, given that it has "tentacles to some of the most personal information" on databases belonging to multiple government agencies like the Social Security Administration and the Department of Homeland Security.

'It's not just myself saying this site is insecure'

Kennedy, CEO of TrustedSec, agrees that the site remains vulnerable. During his congressional testimony, he said, based on his testing, the site was "100 percent" insecure, according to a report by The Washington Free Beacon.

"What we learned was that they had rushed through what we call the software development life cycle where they actually build the application," he said during his Fox News appearance.

"So when you do that, security doesn't really get integrated into it. And what happened with the rocky launch in October is they slapped a bunch of servers in trying to fix the website just to keep it up and running so that people could actually go and use it. The problem is they still didn't imbed any security into it," he said.

"It's not just myself that's saying this website is insecure, it's also seven other independent security researchers that also looked at the research I've done and came to the exact same conclusion," Kennedy added.

Sources:

http://www.washingtontimes.com

http://www.cbsnews.com

http://freebeacon.com

Follow real-time breaking news headlines on
Healthcare.gov at FETCH.news
Join over four million monthly readers. Your privacy is protected. Unsubscribe at any time.
comments powered by Disqus
Take Action: Support NaturalNews.com by linking back to this article from your website

Permalink to this article:

Embed article link: (copy HTML code below):

Reprinting this article:
Non-commercial use OK, cite NaturalNews.com with clickable link.

Follow Natural News on Facebook, Twitter, Google Plus, and Pinterest

Colloidal Silver

Advertise with NaturalNews...

Support NaturalNews Sponsors:

Advertise with NaturalNews...

GET SHOW DETAILS
+ a FREE GIFT

Sign up for the FREE Natural News Email Newsletter

Receive breaking news on GMOs, vaccines, fluoride, radiation protection, natural cures, food safety alerts and interviews with the world's top experts on natural health and more.

Join over 7 million monthly readers of NaturalNews.com, the internet's No. 1 natural health news site. (Source: Alexa.com)

Your email address *

Please enter the code you see above*

No Thanks

Already have it and love it!

Natural News supports and helps fund these organizations:

* Required. Once you click submit, we will send you an email asking you to confirm your free registration. Your privacy is assured and your information is kept confidential. You may unsubscribe at anytime.