Tech

HealthCare.gov hacker tool distributed via Facebook posts

Josh Peterson Tech Editor
Font Size:

A rudimentary hacker tool designed to crash HealthCare.gov was distributed through various online channels, including Facebook.

Marc Eisenbarth, manager of research for Arbor Security Engineering and Response Team, told The Daily Caller that a denial-of-service (DoS) application was spreading through torrent sites, as well as Facebook.

A denial-of-service attack overwhelms a website’s servers with traffic in order to crash the site, but unlike its more popular counterpart, the distributed-denial-of-service (DDoS) attack — popularized by the hacktivist network Anonymous — a DoS attack can be executed by a lone actor.

DoS and DDoS attacks are considered illegal in the U.S. under the Computer Fraud and Abuse Act, although there is a movement to have them recognized as a legitimate form of political protest.

Eisenbarth first published Arbor Networks’ discovery in a Nov. 7 blog post, noting that the application “has been mentioned on social media.”

Eisenbarth told TheDC that Arbor Networks first discovered the application while monitoring peer-to-peer, or torrent, sites. Facebook posts distributing the tool surfaced when it was released in October.

“That seemed to be how they were trying to popularize the download tool,” he said, “but those posts have been removed and the torrent has been taken down.”

Eisenbarth said he was not sure how many times the tool was downloaded or who built it.

Still, the application was unique among other hacktivist tools Arbor Networks has seen in the past, he said: It appears to have been built from scratch by a single individual who was possibly a current or former American citizen with a lot of time on their hands.

The description of the application also claimed that the author is an “American patriot” looking “to defend American rights!”

“I think that if it was written by a group of people, we would have seen a much wider spread distribution of the tool rather than just one torrent site and a bunch of Facebook posts pointing at it,” said Eisenbarth.

Eisenbarth told TheDC that he did not consider the application a high-level threat, noting that a DoS attack was only one “vector” for hackers to strike against the site.

The Centers for Medicare and Medicaid Services and the Department of Health and Human Services are currently under fire over a potential Healthcare.gov cybersecurity nightmare.

Users are potentially susceptible to identity thieves due to a lack of security oversight prior to Healthcare.gov’s Oct. 1 launch.

Upon discovering the tool, Eisenbarth’s team at Arbor Networks notified the Department of Homeland Security and the Centers for Medicare and Medicaid Services.

Acting Assistant Secretary of the Department of Homeland Security’s Office of Cybersecurity and Communications Roberta Stempfley confirmed to a House committee on Wednesday that DHS was aware of “one open source action attempting a denial of service attack that has been unsuccessful.”

Stempfly also said that DHS was aware of 16 reports from Health and Human Services pertaining to the site’s security.

Despite the removal of some links to the DoS application on Facebook, some still persist on the social network.

A Facebook user by the name of David Rentzel, who is an allegedly retired General Motors employee now living in the Dominican Republic, submitted at least two links to the application on Oct. 15 to public Facebook posts belonging to libertarian and conservative Facebook pages.

DestroyObamacare FB post

“If you hate Obamacare as much as I do then download this little app,” wrote Rentzel. “It constantly opens a page on their web site and then another, back and forth.”

“This ties up band width. If enough people do it, no one will be able to log on to it!” he said.

“You can run as many copies of this on your computer as you want. Just keep opening it, again and again. Share with your friends!” he added.

“No virus, no worms, no trojans and not even a cookie. Runs on Windows.”

By the time of publication, Rentzel had not returned TheDC’s request for comment about whether he built the application, or if he was simply distributing the tool via social media upon discovering it elsewhere.

Follow Josh on Twitter and Facebook