Yesterday, the Washington Free Beacon reported that U.S. intelligence officials are concerned that the Healthcare.gov contractor CGI Federal used Belarusian contractors, affiliated with the government, to work on the website. Those contractors have been linked by the intelligence community with malware, and privacy scams. Since Massachusetts used the same contractor it is worth asking if the same vulnerabilities are present in our state based exchange.
U.S. intelligence agencies last week urged the Obama administration to check its new healthcare network for malicious software after learning that developers linked to the Belarus government helped produce the website, raising fresh concerns that private data posted by millions of Americans will be compromised.
The intelligence agencies notified the Department of Health and Human Services, the agency in charge of the Healthcare.gov network, about their concerns last week. Specifically, officials warned that programmers in Belarus, a former Soviet republic closely allied with Russia, were suspected of inserting malicious code that could be used for cyber attacks, according to U.S. officials familiar with the concerns.
The software links the millions of Americans who signed up for Obamacare to the federal government and more than 300 medical institutions and healthcare providers.
“The U.S. Affordable Care Act software was written in part in Belarus by software developers under state control, and that makes the software a potential target for cyber attacks,” one official said.
Cyber security officials said the potential threat to the U.S. healthcare data is compounded by what they said was an Internet data “hijacking” last year involving Belarusian state-controlled networks. The month-long diversion covertly rerouted massive amounts of U.S. Internet traffic to Belarus-a repressive dictatorship located between Russia, Poland, and Ukraine.
Red Mass Group asked the Health Connector Authority if Belarusian contractors were used in the development of the state based exchanged. Spokesman Jason Lefferts said that he is looking into it.