Thursday, November 21, 2013

Right-Wing Hackers Create ‘Destroy Obamacare!’ Program, Hope To Disrupt Website

Right-Wing Hackers Create ‘Destroy Obamacare!’ Program, Hope To Disrupt Website

Author: November 20, 2013 11:31 am

'Destroy Obamacare!' Intended To Overload Health Care Website
A new DDos tool looks to cripple or shut down the healthcare.gov website.
“Destroy Obamacare!” is highly illegal but the right will probably try to use it.

The right really, really wants to destroy Obamacare. Sure, the Obamacare website has had its problems since the roll-out. We’re all disappointed and discouraged that, after all the work we’ve done to get this up and running, we are having to defend the entire idea of health care reform. Because we all know that if a website ever has problems, it should immediately be shut down. Just like YouTube was Monday when it went down for a while. Oh, it wasn’t shut down? Well, I’m sure that was an oversight.

The Obamacare website is being attacked by hackers

Last week, Department of Homeland Security official Roberta Stempfley told the
monkey circusHouse investigative committee that the Healthcare. gov website had been the target of at least 16 cyber-attacks. These occurred between Nov. 6th and Nov. 8th and are currently under investigation.
But things may escalate if some on the right have their way. Recently, Arbor Networks, an online security firm, discovered a tool called “Destroy Obamacare!” It is being distributed (by whom is not yet known) so it can be used to overload the Obamacare website. According to Arbor, the program is written to perform constant, layered requests to get on two healthcare.gov web pages: the home page and the “contact us” page. The tool is a Distributed Denial of Service program. My IT friends tell me that…
“… the extra D in DDoS that makes a DDoS attack so effective — the first D stands for “Distributed” and means that the attacks would be coming from a variety of different IP addresses, making it hard to block the traffic without completely turning off the website (which is the goal of a “denial of service” attack to begin with).”
In other words, tens of thousands (or more) of computers will try to use the website over and over and over again, automatically. Think of having thousands of cars trying to use the same exit on the highway at the same time and you’ll get the idea.

“Destroy Obamacare” isn’t too much of a threat unless…

As it stands, this “Destroy Obamacare!” tool wouldn’t be able to do much to the Obamacare website. But, of course, there are a couple of caveats:
“… if this were developed into something more malicious (and rewritten to fire off more requests, more regularly), spread throughout servers and users online without adequate security, and launched from machines worldwide simultaneously, it would be catastrophically effective (especially if the program was smart enough to change IP addresses when blocked).”
The IP address issue, while not insurmountable, presents a problem for the people who would be using “Destroy Obamacare!” Their computers can be identified and blocked and the users prosecuted. But, as my sources say, if an enormous number of people (say, several million) decided to run the program or if someone with enough money were to rent a bot-net (a robot network), then they could wreak havoc. But, unless that were to happen, these website requests would maybe slow the site down a little. But everyone who ran it would be easily found and blocked.

It’s obvious the program came from someone on the right

destroy obamacare textThough it is rather like “one-legged dogs trying to take down a pride of lions” (as one of my sources compared it), “Destroy Obamacare!” could still be troublesome. But anyone who wishes to use it should know that it is highly illegal and easily traced. As you can see by the text which accompanies the tool, those who use it may not be smart enough to realize either of these things.

Looks like a Tea Party thing to me. Arbor says on their website coverage of this subject that they have no information on the active use of this software — yet — but that they have:
… seen site specific denial of service tools in the past related to topics of social or political interest.  This application continues a trend ASERT is seeing with denial of service attacks being used as a means of retaliation against a policy, legal rulings or government actions. (source)
They may be referring to Anonymous, who has targeted websites before. But this is, as far as we know, the first time that the right-wing has tried to use cyber-attacks.

My IT sources say it’s poorly written

destroy obamacare codeFor the coders among you, here is a screen shot of some of “Destroy Obamacare!” code:

My very smart IT sources assure me that this is nothing to worry about. Any well-written high-capacity website could easily handle this. Unless, of course, the Koch brothers decide to rent that bot-net…
What is frustrating for me, and for many of you, is that the media is focusing on the healthcare.gov website having problems. Yet nobody mentions the attacks that have already occurred nor this nascent, though probably toothless, concerted attack. “Liberal media” my arse.
 

No comments:

Post a Comment