Is Website Outage Linked To NSA Website Hack? Website Outage

Tuesday carried a curious coincidence when reports surfaced that there was a systemwide website outage at the same time the NSA website was reportedly hacked.

VA claims the outage was due to a glitch, but the timing sure seems curious given NSA’s website outage happened on the same day at around the same time. Instead of a hack, the Department of Veterans Affairs instead claims their websites were impacted by an update error.

I know this is pure speculation, but the coincidental timing is worth discussing, especially given the repeated problems with VA being hacked.

So what is the story? Was this just a really strange coincidence?

If and related agency websites were taken out instead of merely down due to a maintenance error, why not own up to it? What were they after?


Rumors surfaced yesterday that NSA’s website outage was the result of a hack linked to cyber weapons being stolen or leaked from a group called the Equation Group. Equation Group is thought to be a recently discovered hacking group linked to NSA.

Supposedly, cyber weapons were stolen and later auctioned off-putting America’s cyber industry on high alert.

And magically, the same day NSA’s website goes down due to a hack, numerous VA websites also go down.



VA meanwhile claims many of its websites were down at around the same time for many hours, but that the outage was the result of a glitch during a weirdly timed update.

Usually, updates of large website systems are timed to occur at night, when web traffic is at its lowest. Why did VA try to do it during the day? Or is that what was going on?

My readers on the ground reported eBenefits was down. and were also down. VA claims was not affected. If true, that would indicate certain servers were affected for some reason while others were not.

According to MeriTalk, a government IT watch news website, VA reported the following:

“This morning, the Department of Veterans Affairs experienced an IT outage caused inadvertently by a system update,” the agency said in a statement Tuesday. “The outage is currently impacting certain VA systems and applications, along with the VA website. IT officials are working to restore the impacted systems and applications, and expect completion by the end of the day.”

An agency spokesperson confirmed to MeriTalk that some sites, like MyhealtheVet, were not affected. “Proud of the team in the face of this situation, as they worked diligently to restore service and provide internal and external messaging to ensure stakeholders remained informed of the progress,” a spokesperson for VA Chief Information Officer LaVerne Council said. “Most sites/apps were back up and running nearly 6 hours in advance of initial estimates.”

What do you think? Was this a mere coincidence or is there more to the story? Are certain groups trying to steal veteran data? If so, why?


Similar Posts


  1. 08/20/2016

    Dear Benjamin Krause,

    Did Lockheed’s computers go out too?


    Don Karg

  2. Ben, There was a post from the Business Insider about the NSA hack. Tried to email it to you but failed. Later, Mary

  3. i worked in a federal building years ago and was friends with one of the VA IT guys. i remember him mentioning the VA was getting hundreds of million$ to upgrade VA IT and centralize it so all VA’s could access veteran data no matter what VA veteran went to. that was 25+ years ago. he got a new title in IT, a raise, new office and new IT equipment. i think VA did build that central location too though not sure. i’m thinking chicago area or something like that. (memory issues guys, you can relate) yet, up until i guess around 2010-11 maybe, i was in one state and that VA couldn’t access my records from another state. and in current state locale, this VA couldn’t either. they can now. i was always wondering in back of mind if they were just telling me that they couldn’t access records so they wouldn’t have to acknowledge the conditions and treat apprpriately and then write whatever they wanted in records. they wrote flat out errors too and medical records contradicted that from the other VAs & mil. local VA went with the erroneous statements that VA doctor wrote and not the medical evidence presented by me from civilian doctors. nor did any VA doctor enter into the system that information though they both said they would. i was able to get them to upload it but only after i contacted a Congress person and request help with that.

    hundreds of millions in upgrade funding back then and billions in upgrade funding today, but the same “VA corrupt culture and corrupt manipulation” is as rampant now as back then.

  4. may be the “Those hacker teams” let a few tools out to someone who wanted to expose a “VA-gate”, like the “DNC-gate” leaks? would that be interesting reading you think?

    the recent “leaks” regarding DNC and hillary did far more to shed light on wrong doings than any Congressional hearing, i believe. at the least one can read for themselves what those documents show and draw on their own intellect and intuition versus the buying into the bizarre twisted MSM accounts of reality.

    Lets face it, in the past few decades & current time, all the veterans’ letters, phone calls, meettings, investigative journalist’s on VA wrongdoing to veterans, any WH, web blogs, whistleblower’s accounts (proven), etc., hasn’t moved Congress or WH or VA/VBA/union to really do much to fix the VA/VBA has it? if i’m incorrect i’ll gladly accept facts to the contrary and stand corrected.

    i don’t condone people breaking into systems at all. but i have yet to see hardly anyone in D.C. spread the truth to the American Citizen constituency landscape, have you? i doubt the so called group?, whatever its name at nsa, ever grabbed documents at VA/VBA vs the other-hacker teams to help out American veterans.

    then again, just maybe the VA website & databases & datacomm access were on emergency unscheduled update status just in case in light of recent events?

    i don’t recall VA doing that when in recent history after some veteran digital data (lots of records) were stolen, do you? they seem to lose records though, paper and digital. weird!

  5. Ben, the VA IT updates take place over the weekends, which means the fixes have to occur when the 90,000 employees log on on Monday. It only impacts some areas and the updates are a blessing for the most part.

    If anything is conspiratorial, it would be that the VA shut down systems if under a cyber security attack, but so far, so good. The VA system remains safe. It is inconvenient that everything can’t be done always and the minute someone wants to do something on line, but it seems to me that for the most part benefits works!

      1. What Merri says makes no sense. Updates to a web site may take place over the weekend, but it has nothing whatsoever to do with employees logging in.
        A web site provides information. Its possible to have it connected to other systems in order to make it easier to update that information, but it still has nothing to do with employees logging in.
        It also makes no sense to update on a weekend, and “fixes” taking place during the week. Those kind of fixes, if done during the week, are usually fixing content that did not update correctly, likely because of bad code.
        Employees logging in to a system do not authenticate to a web site. A web site and a site for users logging in can be on the same server, even email can be run from the same server, but it makes it much less secure. They may have access to a web site once logged in, but 90000 do not authenticate to it. 90000 employees likely authenticate to domain name servers. Once authenticated, they can use their pc to access what they need, likely authenticating to other servers.
        If anyone is logging in to a web site, it is to administer the site, and although the VA hired 167 interior designers, they likely do not have 90000 web site administrators.
        Now, as for why your VARO or VAMC site did not come up, it is likely because every VARO, VACO or VAMC web site is on the same server farm. A server farm for a web the size of the VA is likely several high end servers. On those servers is housed the VAMC site, several VARO sites as subdomains, several VISN sites, and every VAMC or CBOC site as a subdomain. That povides a separate web site for HQ, every VISN, every VARO, and every hospital or clinic if they have one.
        Think of a subdomain as a subdirectory on your computer. The domain points to that directory and all the content under it.
        This structure makes sense because it appears as if most VA web sites have the same basic information, which means it is managed content. That means if something is changed in one web page, the change goes to all web pages automatically. Otherwise, you would have to manually update the content on hundreds of web sites taking many hours to perform.
        Imagine the Amazon or EBay web site. Although it looks like a single web page, and it is, the web page has to handle hundreds of thousands of connections at the same time. The only way to handle that many is having hundreds of servers all connected and configured to act like a single server.
        No other configuration makes sense because so many sites were taken down at once.
        If it truly was an update, it had to have been an update to hardware that allows access to several servers at once, like a router. Those updates are not made during a weekday unless it is an extreme emergency…because you would have to reboot the router after the update, and any connection going through it would be lost until it rebooted.

      2. I agree. That it was routine is bunk. There was no advance notification to users. I was on the day before and there would have been a notice as there has been in the past. For example for some time there was a notice we couldn’t update our medical file.

        This one was to global to be routine as stated after the fact. We received no plug in notification. Only the general Web “This Page Cannot Be Displayed.”

      3. While the cats away. The mice will play. Up to something and I have s feeling it’s not going to be good for veterans.

      4. There have been numerous times where myhealthevet and ebenefits have been doing during the day for short periods, but those never affect the main VA web page. That suggests they are completely separate systems.
        Any “Down for maintenance” notice on any web page, VA dot gov, myhealthevet, ebenefits, etc., is a routine or default page that automatically displays when a site is down for any reason…hacker, network problem, server fire, etc.

      5. I didn’t get “Down for maintenance”. I got “This page cannot be displayed”. eBenefits, Cheyenne VA and myhealth were all the same. and not for minutes. Had to wait until the next day.

  6. What do I think? I think it was a hack. For several reasons. For the size of VA and traffic expected into their web sites, there were too many sites (domains) that went down at once. Of course, the VA could run this on one server with other sites as subdomains, but that would be stupid and would likely not handle the load. Most sites of that size would be handled over several servers with changes automatically replicated to each server, so an update to one server should not have affected several servers at once, unless it was bad code that was not tested first. They also could have a router handling traffic for all those domains go down, but that too would be stupid. No redundancy. A claim of it being a system update is bullshit, also for several reasons. These servers could be running Windows or Linux, and although Windows updates were pushed yesterday, they were minimal. If it were a system update, it would not have affected so many sites unless they were running on one server. Most system administrators of web sites will not allow system updates to be automatically applied preventing disasters like this. Even if they were, most sites the size of VA dot gov will test updates on a test server before pushing the updates to a public facing server. Doing so prevents disasters like a site going down. Further, having a test server and more than one online server allows for the site to stay up if the hardware in one server fails. The site may slow a little because of the load, but it won’t be totally out. Another reason for this being BS is that a system update causing a problem would not cause an outage of so many hours. Some site content might be affected by a system update, but taking the entire server or site down for several hours is rare. Think of a single widget on Amazon being affected as opposed to Amazon being taken out completely.
    There is a possibility that a security update was applied locking out the site, but even then, it would be unlikely an update would be applied to several servers at once.
    Another reason is that, unless it was a unique to VA software update, like a security application, then there would have been many other sites at companies and other agencies going down for applying the same update, and that has not been reported.
    Why hack the VA? 2 reasons. 1 They have a history of not securing veterans data. 2 It would be a target rich environment where they could possibly access significant amounts of personal data to be sold for or used for identity theft.
    Why did myhealthevet stay up? It is likely a completely separate system from VA dot gov given how new it is, run on separate servers, more secure, and possibly maintained by a contractor.

    If the VA wants to refute this, then they should put out a better statement of why so many sites went down. Their current reason is not believable.

    1. @91veteran- Or…this is the VA placing an exclamation point on the need for IT Update$ by doing that old sneaky ploy of “Creating Today’s Problems For Tomorrow’s $olutions”.

      In other words, creating a bigger problem to justify another last ditch cookie jar grab for more $ to congress but ensuring even more problems have been created to keep the cycle spinning.

      Also: We are still in very active, bloody wars. VA and DoD info is information and information is power.

      I am praying rather, that just maybe, Wikileaks was the *hack* to flay the VA before the World on Crimes Against Humanity–Yes, that ‘Humanitarian’ crime.

      I can at least dream, right? The uglier and more likely truth would be to live to later hear it was a VA employee selling Veteran mass files to the enemy….it could happen. Remember the Navy father and son spy duo?

      Cybersecurity should be on steroids and not an afterthought of this POTUS.

  7. Probably. Will tell us all our information was stolden and they have no way to get it back

    Lie. Deny. Deny again lie again

    They probably were playing hungry hippos

    Its easier for them to lie. Truth telling is not their cup of tea.

    1. Was just looking at you tube. S veteran took the VA all the way to the supreme court. Were it came to the forefront. Where at least 3 VA attorneys were arrested

      For cheating many veterans out of their disability payments. By telling veterans their claims were denied for one reason or the other

      And they were caught deverting those fund’s using the veterans claim number to private bank accounts.

      Found a box full of veterans record’s in the directors suite showing these payments.

      You can go into you tube and see it for yourself it’s a veterans forum. It will below your minds.

      I had a feeling this was happening to hundreds of veterans. Those employees lawyer’s will plead the5th. But they have to tell it to a judge and not the VA committee.

      Veterans whom win their case. Only get back pay from when they last applied.

      This ploy let’s the employees keep the ?. They syphoned off. Unless they force or investigate each veterans claims.

  8. @Seymore, namnibor, redturtle and others.
    I mentioned something about “Wikileaks” yesterday, I believe.
    Also, what would the reasons be behind the AFGE having our medical and administrative info, if not to screw over all of us?!
    Lastly, remember, this is just Thursday. What’s going to hit the fan tomorrow or Saturday?


    1. I think you get your lines from Keith Richards from when the stones went to Cuba to give a concert there a few months ago. I know Keith spoke highly of the booze there, and he probably said lines to the crowd – like your statements.

  10. Think this upload had anything to do with the websites being down. You don’t get much news about the USA in US news, this is from Russia Aug 15, 2016
    MOSCOW (Sputnik) — WikiLeaks uploaded on Monday 186 megabytes of what it says is apparently archived malicious software linked to the US National Security Agency (NSA).

    WikiLeaks is an international non-profit journalistic organization founded in 2006 to disseminate documents, photos and video of political or social significance, according to the organization’s Facebook page. The website gained prominence when it publicized a trove of classified diplomatic cables between heads of state and government.

    1. How does it feel to have a single union in charge of some of the most personal, potentially damaging, and highly detailled information about your life? One union can access your location, contact info, healthcare information, SSN, mothers maiden name, next of kin, work history, financial history, and a litany of other information.

      The labor union hold the all the cards ob your info and if the misuse it there is zero recourse. No VA employee may be held accountable for wrongdoing while on the job. Period. POTUS would have to agree to prosecute and then food luck to hi to get anymother governement worker to do it.

      The AFGE is in complete control of veteran healthcare and moreover has highly detailed personal information about medical staff as well. AFGE can make or break any physician and many have come onto the media to tell of this. AFGE = CARE. This is the only entity that can control success or failure and there is no financial incentive to motivate success. There is no financial bonus given when a veterans life is saved.

      And they call vets the stakeholders??? Seems to me the AFGE is holding all those stakes….

      1. redturtle984 It concerns me in many ways, not just for my personnel info getting circulated around the USA.

        Trump is beating the war drum. What If a foreign country/entity or even our own underground were thinking about warfare that may come or wanting to sell “products” or looking for a weakness of any kind along with the strengths: those entities could be interested in knowing the medical/mental conditions, treatments, pharmacy dispensing, blood test results, etc being utilized by our nation for/on the troops/veterans. Take out the troops & the country has no army. Not to use all the tools available to stay one step ahead of friend-enemies is not an advantage.

        Last number I read is 500,000 signed up for the VA DNA study. Where is that data stored? Just think what a scientist researcher in China can do with that info & what may come from it. Chromosome-breaking agents are known. Break the human Chromosomes that determine sex & a transgender is born. Before it was banned It was put into baby food as flavor enhancer. Gender Identity experiments.

        The Future is Genetic Engineering –super soldier hybrids. Adding all types of material into a multipurpose Watson could be endlessly valuable with us being the first source hacked.

  11. Ok, so I worked for the VA for 3 yrs and I’m also a vet.( oil and water my friends), anyways I remember back in Feb 2015 when OPM was hacked and they first said that the VA was breached, then they finally admitted it. I got a letter in the snail mail with a “secret code” to register for this FREE cyber security plan that the gov would pay for 3 yrs due to my info being hacked. Why I don’t understand this is you’re going to send this code through the mail for authenticity?! Anyone could open that and get into my information AGAIN!! Also, why wasn’t this amazing cyber security plan in place before this hack? Past and present gov employees were affected!!! I got to thinking that the background check I did at the beginning on my employment was full of my families info, work history etc. Now this is where it gets weird, a week later I get a call on my cell for my sister regarding some “legal issues in her hometown,” they need to get a hold of her right away. So I gave her the # and the case #, when she called they started asking for her ssn, DOB etc. Well, she’s pretty smart and didn’t give them anything and asked who they were, they hung up on her. It was a scam!!! I had my sister as a person of contact with with her address and phone number. Sounds suspicious right!?!?!

    1. Are you positive you worked at VA three years? The Congress once asked RAND how many people worked at VA. RAND studied the problem and detetmined that less than half did.

  12. Well, I was a victim of identity theft back in late June and still am quite on eggshells because I already have lead a very careful path as far as financial and identity safety…now I am on lockdown. The bank replaced the $ but even though I had to submit and fill-out all kinds of forms/info/police report, FAX, through all that, even with $ replaced, I would have loved an answer of *how* it happened.

    I learned through this process that hacked identity, medical records, you name it; is as common as people with cell phones. It happens way more than the MSM lets us know, the police detective opened my eyes.

    As a Vet, we are ALL very DEEP in the system. That not too long ago OPM (sp?) Hack more than likely obtained all of us and I cannot fathom the VA properly securing our data and safely when they get caught quite often with viable veteran files near or in shredders.

    I will go as far as guessing that the VA places more protection on their employee database than Veteran Files.

  13. I have used the BVA web site since it went on line, many years ago, often on a daily basis.
    The BVA site has helped me succeed in my claims, but more importantly, it has helped me provide vets with decisions that show them what type of evidence they need.
    BVA denials are as important as awards to help understand the way the regulations and medical evidence are assessed.

    Yesterday I got a message at the site that BVA was down for maintenance,
    which is not unusual at all when they post more decisions or add something else there.

    I do have VAOLA Paranoia as a hardcore claimant myself but I do not believe there is any link between
    the NSA outage and the BVA. After about an hour, I went back to the BVA and found what I needed to encourage a combat veteran with bad paper discharge.

    Negative COD’s ( Character of Discharge determinations by a RO) are often very hard to change.
    I helped one vet get their changed years ago to a HD and the decision I found at BVA showed again that this is often difficult to do ,but NOT impossible.

    1. Maybe the BVA contracted NSU and the docs the VHA are trying to hide it from the NSA?

      Anyone seen Big Bird? He knows what all these letters mean. Tell him to bring the Cookie Monster too. Leave Little Debbie her bariatric bed for now. Bring some tiny donuts rolled in sugar. Hostess.

  14. The healthcare industry and the snack cake industry have remarkable similarities. I suppose any human industry will always be similar but the snack cake analogy seems apt. The VA of course would represent the Little Debbies snack cakes and non-VA care Hostess snacks.

    It does not take undiagnosed/untreated genius to quickly see why a Little Debbie cake is what it is and why Hostess is better. First of all the only reason Little Debbies cakes are what they are is they can’t afford the machine that whips sugar, water, and lard into simulated whip cream that is so good that many folks have included them in romantic interludes. Little Debbies can’t get the fake whip cream injector online so all of their cakes are flat. No filling. No romance.

    Beyond that though it is the marketing that is most similar. The name “VA care” and “Little Debbie” are identical; use either product very long and you just will not look like the person shown on the package. It might all seem really great when you land a spot on the Tiger Team because cousin Joe at the VA sleeps with the secretary, but the idea that Debbie will remain Little when she uses the product is just marketing hype.

    Hostess on the other hand pulls no punches at all with its marketing. Mostly because the cream filling is so damn good that nobody cares. Like the snack cake industry it is unlikely that workers of Little Debbies ever use their own product. Same at VA. Diubtful any worker there EVER uses their own product- there are just too many Ding Dongs walking around to believe otherwise.

    1. So you are lobbying for those insurance companies that have the Choice contracts. How much more do they want for doing nothing? Have you tried Choice? I have and it stinks. Plus I’m stuck with it for now.

    2. Don’t forget about all the VA nurses that are full of “Snowballs”, flakey coconut and all. 🙂 Kind of rhymes with no balls. 🙂

      1. DBC = Debbie Cake Committee, but I think they only judge the cake eaters, not the cake they serve. They are more of a HoHo group.

        I know several Ho(s) on that committee.

      2. Naaa, redturtle, I’m thinking more on the line of “ding dong’s” or maybe even “Twinkies”! And that’s being polite to these asswipes!

      3. @ red turtle NICE!!! @ crazy elf they are more interested at the creamy filling than the cake if you get my meaning. VA has more Ho’s than a chinese phone book

  15. No need for much speculation here….This is a way that all those HIgher ups in the VA system that have been fired or retired lately went out and hired them a hacker with the money they already pocketed from fraud and stealing.

    They already knew how – when – where – what they had to do to get the rest of the money they felt they deserved.

    And blame it on server error update.

    Now why would they need veterans info?

    Why not that would mean if successful in losing veterans files and claims could save the backlog list Billions of dollars.

    Or what about the companies that are bidding on the contract for IT knew of weakness’s and are using that weakness and vulnerability to come in and save the day.

    Thoughts from a senile Marine with Red Flags and Black Flags all over his accounts now.

    BTW this computer has been Flagged by the VA and the Government now after my one bad day and comments left on here. And put Flags on my VA Files too.

  16. The IT guy at VA has confirmed that the OFF switch was enabled and estimates for bringing the system up to the current standards of ON are in committee now. The VA stakeholders will just have to wait for another day to poke the vampire through the heart to make sure it is GONE.

    1. I checked VA dot gov last night around 7pm after noticing it down yesterday, and it was back up.

      Something other than an update took it out.

  17. With all the billions of dollars going into IT at the VA, can it all be earmarked to fix a computer. In the real world , when does IT cost so much?. We do know there are links between the VA and DOD budget. We do know there are defense contractors doing work on IT at the VA. We don’t know who else has their hands out. Interesting!

  18. “…is there more to this story…” and/or “Are certain groups trying to steal veterans data?”
    I believe the answer is a resounding “Yes” to both questions, Ben.

    It’s a Friday!

    What better day to come out and say veterans data, ie; names, dob, social security numbers, etc., have been stolen.
    How many vets will wake up Monday morning to “bank robo-calls”. Telling them, (us), our bank accounts have been drained! Or, how many of us will never be informed at all!

    What else will be said by VA today or even tomorrow? What kind of ‘horror stories’ will VA try to hide, yet will be exposed in the days to come???????

    How many vets will have pertinent information, ie; health records info, administrative records info, etc., changed.
    Stating something different in veterans medical and/or administrative records is par for VA!
    Example: The wife and I have been “divorced” three times, by VA records keeping, in the past 2 1/2 years. They’ve even had the wife living at a different address. We’ve had to keep close tabs on these reprobates.

    In my opinion, VA is convoluting everything they can, so no one can find out what’s really going on!

    Will we find out on monday, taxpayers monies is missing, lost or misused in some way, AGAIN?

    You know, like the $6.5 Trillion the DOD lost?!?!
    BTW, there’s “…a 0.00001% reward…” put out on information regarding that lose!
    It’s reported “…if $100 dollar bills were placed on top of each other and given away.” Every person, man, woman and child, in Colorado, Wyoming and Utah would become instant millionaires!
    Just thought y’all would be interested in this story! It came out yesterday.

  19. Ben,
    In the articles closing you ask 4 questions, “What do you think? Was this a mere coincidence or is there more to the story? Are certain groups trying to steal veteran data? If so, why?”.

    My thoughts as a former Technical Support Engineer. When you have two systems, known to be stable, owned and controlled by a single entity, go down simultaneously for the same time period. It is due to one or more of three causes:

    1.) Failure of equipment used by both systems.
    2.) Failure of Software used by both systems.
    3.) Systems Managers for the single entity shut the systems down intentionally.

    Given the never ending IT budget at the VA that never accomplishes squat. This may indicate not only is some of the NSA’s budget getting funded via the VA to avoid Congressional oversight but also showing that the NSA has access to all VA records including Veterans Medical Records and all the classified research records.

    1. Hey, Seymore,
      Could this be for “more gun legislation” by democrats? Their the only ones pushing for it.
      There’s a video on Utube where one of Hillary’s DNC representatives is stating she can’t just eliminate the 2nd Amendment. But she can sure do something to confiscate all weapons, like in Australia!
      Hillary has been using that country’s laws as much as possible in all her rallies!

      If NSA has our medical info, anyone with PTSD, could begin to see their names on a “LIST”!? A complete violation of the “Due Process” clause in our Constitution!
      Of course, Democrats believe veterans, and the public at large, have no Constitutional protections!

      1. That is a very sobering thought. I wish I had not read your comment.

        Going to be a long day.

  20. Nothing to worry about. This was just a little group training at the VA using a scene from the original “Airplane” movie where if you recall, up in the air traffic control tower while planes were trying to land the runway lights kept going blacked-out only to find one of the air traffic controllers was sniffing glue and thought it would be fun to unplug the runway lights from the mains. No different at the VA, having fun with the IT system since it’s due for a multi-billion upgrade anyway and never mind how many hundreds of Vets in hospital situations depending upon life-support and other sensitive systems, all is FUBAR at the VA.
    Someone snipped the VA’s “Cup and String” array. 🙂

Comments are closed.