he security expert and once the most wanted cyber criminal of this world- Kevin Mitnik had submitted one scathing criticism to the house panel Thursday of the healthcare.gov website of ObamaCare, describing the protections into the site as minimal and shameful.
In a certain letter that had submitted as the testimony to the House Science, Space and Technology Committee, Mr, Mitnik inscribed that it was very shameful that the team that had built the website of the Healthcare.gov implemented the minimal security best practices in order to mitigate the major risks of the compromised system.
The letter which Mitnik submitted to the ranking member Eddie Bernice Johnson and the D-Texas panel chairman Lamar Smith, R- Texas, held the comments from a number of leading security experts.
Mitnik had concluded his letter saying that after he read all the documents offered by David Kennedy which detailed a number of security vulnerabilities, which are associated with the website of the healthcare.gov, it was pretty clear that the management team never considered the security as the priority.
His comments were therefore backed by the testimony provided by Kenedy, the CEO and the founder of the TrustedSec LLC as well as the self-portrayed White hat hacker, means the person who hacks not to commit the cybercrime, but to fix the security flaws. In the month of November, Kenedy along with the other experts testified before this same panel regarding the security issues on the Healthcare.gov.
Mr. Kenedy also testified that the majority of the identified flaws still existed on that site of the Healthcare.gov and those were getting worse day by day. He had also included that both he and his experts have seen a very little improvement in the last two months. Kenedy also added that nothing had changed since the November 19th testimony of them.
Just one-half of the vulnerability had been found and plugged since that period. They had just worked a little on it and the site was still vulnerable to date- he added that.
Other members of this panel who spoke to this issue were Waylon Krush, co-founder and CEO of Lunarline, Dr. Lawrence Ponemon, chairman and founder of the Ponemon Institute and Michael Gregg, chief executive officer of Superior Solutions.
There were no hacks or confirmed security breaches on the site yet, in spite of the past testimony and the alarming content from the panel. The flaws, which had been found here are just the speculation- mentioned Krush, whose company had done the security work for the Department of Health and Human Services.
During the testimony, he also added that none of their table can describe the incident as the vulnerability. In order to test the actual flaws, it would need to hack the site, that mean breaking the law.
- See more at: http://hackersnewsbulletin.com/2014/01/worlds-greatest-hacker-obamas-website-healthcare-gov-security-shameful.html#sthash.cmNFeEJ3.dpuf
0 comments: