chemTrailActivist · @chemTrailActivi
24th Nov 2013 from TwitLonger
#ObamaCare
5 Ways HealthCare.gov Could Get Hacked
Posted: 11/22/2013
A hacker can just as easily compromise a website that transmits personally sensitive data, as it can one that actually stores that data.
This data may have been safe on the original website (e.g., IRS.gov), but once it travels through an insecure platform, it can become vulnerable to attack.
1. Code Injection Attacks
When a website is poorly designed, it’s often vulnerable to what is referred to in the security industry as “injection attacks.”
This code might be designed to get access to private information stored on the site (such as user profiles) or maybe even to install malware that will infect anyone who visits the website in the future.
One of the most widely used code injection attacks is SQL injection, or SQLi.
What You Can Do:
You can’t protect your information on the website, but you can protect your computer from getting infected by malicious code that may at some point run on that website.
The best way to do this is to use a “sandbox,” like Sandboxie or SecuBrowser, to keep your browser isolated.
This will stop hackers from being able to make changes to your computer or infect it with malicious scripts.
2. Cross-Site Scripting
3. Insecure or Weak Authentication
4. Clickjacking
5. Sensitive Data Exposure
HealthCare.gov can be fixed if the right people are given the chance to test it.
It’s also important for the state-run exchanges to undergo this testing – some of them aren’t even using SSL encryption for all of their transactions.
http://www.huffingtonpost.com/michael-gregg/5-ways-healthcaregov-coul_b_4325092.html