A security analysis of the obamacare official website (ACA) reveals that the service does not have a security protocol. Yes, you read that right! Computer security expert David Kennedy minced no words in confirming that the new website does not have a security system in place. There is not even minimum protection from malware attacks. According to David, the rectification of the website can take even up to a year. David Kennedy is white-hat hacker and the Chief Executive of TrustedSec. The company provides security evaluation services to governments and corporations. A white hat hacker service would also hack a website, but not to cause damage.
The service finds security loopholes and brings them to the notice of the system administrator. According to the evaluation, anyone with basic hacking skills can crash into the website and easily steal sensitive healthcare information. Complaints about 404 errors and slow downloads are also coming in. This revelation is somewhat surprising, given that the ACA is the most ambitious program of President Obama. He withstood strong opposition to pass the act, and there seem to be a disconnection between the real and the ideal. Ideally, the site must have full-proof security. In reality, there is none.
Kennedy also warned of dire consequences of accessing a hacked website. Users visiting at such a site stands at the risk of losing his/her complete system integrity. The website would try to access one’s personal details like email ids, user names, and locations. Kennedy also testified before the Congress last week on the issue. He clearly stated that the website does not even have ‘basic security’. He recommended immediate remediation of the lack in security. Otherwise, he warned of grave identity theft concerns.
He also noted in a recent interview that many members of the Congress were unaware of the sensitivity of the issue. According to him, one of the Congress ‘folks’ actually told him that there are hundreds of websites that are highly vulnerable to hacking attacks and why should the official website make any difference. However, he also noted that many in the Congress were trying hard to fix the issue by systematic approach.
Other digital security professionals also expressed their grave concerns over the vulnerability of the official healthcare website. Morgan Wright, CEO at Crowd Sourced Investigations stated that the best solution is to dump the present site and restart everything from scratch. He expressed that investing time and resources to the improvement of the flawed system does not pass the reasonability ‘sniff test’.
David also expressed his sentiments on the situation as ‘unfortunate’ because he considers the new act to have the potential for ‘real good’. The completely insecure implementation of the critical website leaves much scope for speculation. Especially with a tech savvy President at the helm, this development is definitely raising eyebrows. Barrack Obama became famous for his elaborate Twitter campaign and there has been a lot of talk on his Blackberry devotion. This comes as highly surprising on considering the fact that the weak website hands over such an open pleasure to his many opponents. Besides, the ACA has been the President’s signature law.