The Daily Caller

The Daily Caller
Reuters/Kacper Pempel. Reuters/Kacper Pempel.  

HealthCare.gov hacker tool distributed via Facebook posts

A rudimentary hacker tool designed to crash HealthCare.gov was distributed through various online channels, including Facebook.

Marc Eisenbarth, manager of research for Arbor Security Engineering and Response Team, told The Daily Caller that a denial-of-service (DoS) application was spreading through torrent sites, as well as Facebook.

A denial-of-service attack overwhelms a website’s servers with traffic in order to crash the site, but unlike its more popular counterpart, the distributed-denial-of-service (DDoS) attack — popularized by the hacktivist network Anonymous — a DoS attack can be executed by a lone actor.

DoS and DDoS attacks are considered illegal in the U.S. under the Computer Fraud and Abuse Act, although there is a movement to have them recognized as a legitimate form of political protest.

Eisenbarth first published Arbor Networks’ discovery in a Nov. 7 blog post, noting that the application “has been mentioned on social media.”

Eisenbarth told TheDC that Arbor Networks first discovered the application while monitoring peer-to-peer, or torrent, sites. Facebook posts distributing the tool surfaced when it was released in October.

“That seemed to be how they were trying to popularize the download tool,” he said, “but those posts have been removed and the torrent has been taken down.”

Eisenbarth said he was not sure how many times the tool was downloaded or who built it.

Still, the application was unique among other hacktivist tools Arbor Networks has seen in the past, he said: It appears to have been built from scratch by a single individual who was possibly a current or former American citizen with a lot of time on their hands.

The description of the application also claimed that the author is an “American patriot” looking “to defend American rights!”

“I think that if it was written by a group of people, we would have seen a much wider spread distribution of the tool rather than just one torrent site and a bunch of Facebook posts pointing at it,” said Eisenbarth.

Eisenbarth told TheDC that he did not consider the application a high-level threat, noting that a DoS attack was only one “vector” for hackers to strike against the site.

The Centers for Medicare and Medicaid Services and the Department of Health and Human Services are currently under fire over a potential Healthcare.gov cybersecurity nightmare.

Users are potentially susceptible to identity thieves due to a lack of security oversight prior to Healthcare.gov’s Oct. 1 launch.

Upon discovering the tool, Eisenbarth’s team at Arbor Networks notified the Department of Homeland Security and the Centers for Medicare and Medicaid Services.

Acting Assistant Secretary of the Department of Homeland Security’s Office of Cybersecurity and Communications Roberta Stempfley confirmed to a House committee on Wednesday that DHS was aware of “one open source action attempting a denial of service attack that has been unsuccessful.”

Stempfly also said that DHS was aware of 16 reports from Health and Human Services pertaining to the site’s security.

Despite the removal of some links to the DoS application on Facebook, some still persist on the social network.