Does the 2020 Online Census Account for Security Risk?
Experts discuss the security issues surrounding a census conducted online and explain how COVID-19 could exacerbate the risk.
For the first time since it was conducted in 1790, the US census is online. A website and mobile app for a task force of field workers aim to make the decennial population count easier and more accessible, but security experts are wondering whether the census is ready to defend against a range of cybersecurity threats – especially in the middle of a global pandemic.
This year’s census went online earlier this month, but its digitization has been in the works for years. A series of tests gave officials an indication of how many people are expected to respond on the Internet; its 2018 test indicated 61% of those who responded on their own did so online.
People can fill out the Web form with a census ID they should receive in the mail. However, they don’t have to: Phone submissions and paper submission forms are still available and began to arrive in mid-March. As part of the digitization plan, hundreds of thousands of census field workers were to be equipped with tablets to collect in-person responses via mobile app.
The decision to bring the census online was partly driven by a motivation to make responses easier, wrote Census Bureau director Steven Dillingham in a statement to the House Oversight and Reform Committee. “The new options create improved efficiencies, relieve burdens on respondents, and reassure people that assistance is but a phone call away,” he explained. The ability to respond via Internet or phone means “people can reply almost anywhere, at any time.”
A digital census could simplify the response process for Americans with Internet access, but experts fear a greater reliance on modern technology could also introduce cybersecurity risks into the data collection process. The Government Accountability Office (GAO) recognized such concerns in a June 2019 report mandating the Census Bureau fix “fundamental cloud security deficiencies” in order to better secure the 2020 census. An audit of the Census Bureau’s cloud-based systems revealed unsecured GovCloud root user keys, unimplemented security baselines, and a failure to implement basic security practices to protect Title 13 data hosted in the cloud.
One month before the 2020 census began, it was on the GAO’s “High Risk” list. A February 2020 report found “the Bureau continues to face challenges related to addressing cybersecurity weaknesses, tracking and resolving cybersecurity recommendations, and addressing numerous other cybersecurity concerns.” It had made progress, the GAO noted, but more work remained.
“When I see things like the census going online, my initial reaction is there is room for threat,” says Jason Truppi, co-founder of The Shift State. But this doesn’t mean it’s a bad decision, he adds: “I think more and more people might prefer now, and into the future, that it would be only online and not mail-based.” Still, he continues, the census will inherit more risks by going on the Web, and the census has ordered millions of extra paper forms in case people can’t respond online.
This is the government’s best and only ability to collect population data without legal process, and it says it’s ready to bring things online. It will reportedly encrypt responses to keep them confidential and it’s blocking foreign IP addresses and bots from entering data. Still, experts worry. How could digitizing the census put data at risk, and how might a compromise look?
Hacking the Census: Why, Who, and How
Census data is used to allocate seats in the House of Representatives and distribute hundreds of billions of dollars in federal funds to state and local governments, which use the money to fuel essential services, including emergency response, transportation, and healthcare. The data informs critical decisions made by communities, businesses, and all levels of government.
As such, it’s an appealing target for adversaries.
There are a few reasons why attackers would target the census data and collection process. Those who want to disrupt the distribution of funds or interfere with elections could start by compromising this data. “In all cases, the reasons are to sow discord, to erode the confidence of the people in the American process,” says Steve Moore, chief security strategist at Exabeam.
Experts agree that nation-state attackers are more likely to meddle in the census compared with cybercriminals, who could easily buy this kind of data on the Dark Web. “I would spend my effort on the low-hanging fruit, as a hacker,” Truppi says. The census collects addresses and demographics, not financial or payment card data that criminals often seek to monetize. Even nation-states may prefer non-census data sources with more accurate information: Census data is self-reported, meaning the information could be incorrectly entered by any respondent.
“Intelligence gathering and disruption are some of the main motivations for nation-state threat actors,” says Kacey Clark, threat researcher at Digital Shadows. “These motivations are specific to adversaries that target organizations or individuals for espionage or surveillance reasons.”
A denial-of-service (DoS) attack is one way the census could be disrupted. Flooding the website with traffic would generate chaos and block people from entering information. The census anticipates about 120,000 people can try to respond online simultaneously; it has reportedly built the capacity for 600,000 to enter information at the same time. Intruders could seek to manipulate data that has already been entered by breaking into the infrastructure.
(Continued on next page)
Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial … View Full Bio
More Insights
Read More HERE