You’ve probably noticed how, ever since the website Healthcare.gov first went public, there’s been a constant stream of news reports on the theme “Disastrous rollout of the Affordable Care Act, a.k.a. Obamacare, namely because it’s impossible for anyone to actually navigate the website.”
So when we read this Information Week article with the headline “Hackers threaten destruction of Obamacare website,” we weren’t sure if the hackers’ efforts should be considered too little, too late or mere overkill.
But that’s not stopping the hackers from trying. As security writer Marc Eisenbarth noted on the Arbor Networks Security Blog:
“Reports have indicated that the site has been inaccessible to some people when they have attempted to visit it. ASERT has no direct knowledge of any significant denial of service attacks directed towards the site. However, ASERT has recently found one tool that is designed to overload the webpage.”
Not really hacking
A denial of service (or DoS) attack isn’t really “hacking,” in the sense of breaking into a computer or database to steal or corrupt any files within. It’s more like the Internet equivalent of having thousands of people constantly call a telephone number, solely to tie up that phone line and prevent other calls from getting through.
ASERT discovered a social media site offering to let users help “Destroy Obama Care” [sic] by using a program that constantly alternates between visiting the healthcare.gov site and its “Contact Us” page.
Ominous as that sounds, Eisenbarth wrote that “the request rate, the non-distributed attack architecture and many other limitations make this tool unlikely to succeed in affecting the availability of the healthcare.gov site.”
So while this particular attack may not have much effect, it’s worth counting as a data point toward a possibly disturbing trend: “This application continues a trend ASERT is seeing with denial of service attacks being used as a means of retaliation against a policy, legal rulings or government actions.”