HealthCare.gov designers could have learned some good lessons … from cybercriminals

Gregory Millman of Risk & Compliance Journal offers Barron’s readers a thought-provoking column about one group that could have served as a useful model for the designers of the troubled HealthCare.gov site.

The woes of Healthcare.gov have just begun. Among other ills, the tangled computer systems are also vulnerable to hacking, and experts say fake Obamacare exchanges and identity-theft scams are already targeting the unwary.

But it should be easy to identify the scams: Unlike the real site, they seem to work as designed. There have been no reports of frustrated users making hundreds of attempts and still being unable to log in to a criminal identity-theft site.

Would HealthCare.gov have succeeded had the government outsourced the technology development to cybercriminals?

Cyberthieves don’t seem to have any problems rolling out their technology. They move quickly and efficiently, in an almost perfect market that requires more understanding of systems than is apparent in Healthcare.gov to date. The cyber-underworld’s online forums and chat rooms are 24/7 operations that match cyberheist skills with high-tech criminal job opportunities all over the world.

Some specialists develop malicious code; other specialists use that code to crack into systems; still others go into the systems after they’re cracked and purloin information, passing that information to yet another group of experts who use it to scam retailers, drain bank accounts, and stash the proceeds. …

… The cybercriminals do all of this without any formal organization to speak of. There are no cybercrime godfathers calling the shots, literally or figuratively; no serried ranks of gangster subordinates; no cabinet secretaries, CEOs, or middle managers.

In a recent working paper titled “Honor Among Thieves,” researchers from Drexel and George Mason universities wrote, “Underground forums enable technical innovation among criminals as well as allow for specialization, thereby making cybercrime economically efficient.”

Economically efficient—when was the last time you heard that phrase applied to Obamacare, or anything else managed by the government?

No comments yet. You should be kind and add one!

Our apologies, you must be registered and logged in to post a comment.