You might think the ObamaCare website places applicants personal information at risk of hacking because the security apparatus has failed like everything else, but you’d be wrong. Everyone’s at risk because they never built security into the site in the first place. I know nothing should surprise us, but I’m really stunned by the daily stream of news about how much of a bizarre clusterfark this really is.
Cybersecurity expert and TrustedSec CEO David Kennedy blasted HealthCare.gov’s security features, saying no security was ever built into the website.
“When you develop a website, you develop it with security in mind. And it doesn’t appear to have happened this time,” Kennedy said, appearing on CNBC’s Squawk Box. “It’s really hard to go back and fix the security around it because security wasn’t built into it.”
Kennedy concluded that it would take “multiple months to over a year to at least address some of the critical-to-high exposures on the website itself.”
Like baking a cake and then realizing: “Oops, I forgot to put the eggs in.” It’s just not the same. In fact, it’s pretty nasty. With the daily horrible revelations concerning this monstrosity, they had to know this would not turn out well. The darn thing wasn’t even completely built, and we’re supposed to believe OBummer wasn’t aware of this? But what does he care, everything he touches turns into a lump of coal.
Remember they gave themselves a waiver from security testing requirements. Sharyl Attkisson report from a month ago.
http://www.cbsnews.com/news/healthcaregov-ducked-final-security-requirements-before-launch/
“…The final, required top-to-bottom security tests never got done….It granted itself a waiver to launch the website with “a level of uncertainty … deemed as a high (security) risk.”… at a congressional hearing, Health and Human Services Secretary Kathleen Sebelius told Democrat G.K. Butterfield that Americans have no reason to worry….”
2009 WSJ article on a holdover from Bush administration stepping down from the position of, acting Cyber-Security Czar. From quick search, I can’t find that a C-S Czar was ever appointed. http://online.wsj.com/news/articles/SB124932480886002237
“…The resignation highlights the difficulty the White House has had following through on its cybersecurity effort….Ms. Hathaway has been “spinning her wheels” in the White House, where the president’s economic advisers sought to marginalize her politically….”It’s almost like the system has become paralyzed,” said Tom Kellermann, a former World Bank cybersecurity official who served on a commission whose work influenced the White House’s cyber planning….”