Contrary to common belief, the major hacking risks relative to systems, which are central to the nature of a free society, is from insiders, not outsiders. That is the common issue in all previous posts.

Therefore, in any significant government or banking system that is examined, key questions to be asked are:
1) Are the servers certified in a reasonable manner to promote public trust?
2) Is it clear, who hold the ultimate system administrator authority for the server, and for what period, by what authority?
3) In what manner are the individual records certified?
4) Are there any evident inconsistencies with reasonable certification procedures?
5) Are there any inconsistencies in dates of entry of or data, as entered, and data, as displayed in online public access systems?

Joseph Zernik, PhD
Human Rights Alert (NGO)