Incident Response, TDR

Report: U.S. officials suspect developers in Belarus compromised healthcare.gov

U.S. intelligence officials have warned the Department of Health and Human Services (HSS) about a potential threat to healthcare.gov, which entails programmers in Belarus compromising the widely used health portal.

The Washington Free Beacon published an article on Monday, which called to light unnamed U.S. officials' suspicions that programmers, who helped develop healthcare.gov, inserted malicious code into the site.

“The intelligence agencies notified the Department of Health and Human Services, the agency in charge of the Healthcare.gov network, about their concerns last week,” the article said. “Specifically, officials warned that programmers in Belarus, a former Soviet republic closely allied with Russia, were suspected of inserting malicious code that could be used for cyber attacks, according to U.S. officials familiar with the concerns.”

The fears apparently stem from an intelligence report that was eventually withdrawn from circulation by U.S. intelligence agencies, which pointed to a Belarus company, EPAM, being contracted to write software for the website.

A Tuesday Reuters article confirmed that the report had indeed been issued, and later retracted, citing a spokeswoman for Obama's National Security Council.

According to the spokeswoman, Caitlin Hayden, HHS claimed that it “found no indications that any software was developed in Belarus.” In addition, EPAM reportedly denied any involvement in the development of the healthcare.gov site.

On Wednesday, Jason Healey, director of the Cyber Statecraft Initiative of the Atlantic Council, which focuses on international cooperation, competition and conflict in cyberspace, told SCMagazine.com in an interview that he normally wouldn't expect an advanced attacker, such as a nation state, to target a network like healthcare.gov.

However, in this instance, he could see the interest Belarus might have in the online portal.

“On whether an advanced attacker would go after this information – normally, I might say, ‘No,'” Healy said, later explaining that “this is one [government] that has been more than willing to let their organized crime hackers have a lot of fun without really stopping them in any significant way.”

“This information [could] go right to organized crime so they can monetize, through identity theft or black mail,” Healy added.

On Tuesday, Avivah Litan, a distinguished analyst at Gartner, told SCMagazine.com that it seemed unlikely that attackers would go after the trove of information accessible through healthcare.gov through this avenue.

“I honestly don't think that criminals would be that stupid [and] I don't think they would do it under a Belarus company name – but that doesn't mean we shouldn't worry about this kind of stuff,” she added.

According to Litan, the perceived Belarus threat plays to mounting global fears about the integrity of software stemming from foreign countries, particularly in light of Snowden leaks, which also implicate the U.S.

“It's evoking everyone's fears about dealing with foreign technology companies,” Litan said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.