Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Report: Census Hit by Cyberattack, US Count Unaffected

U.S. Census Bureau computer servers uninvolved with the 2020 census were exploited last year during a cybersecurity attack, but hackers’ attempts to keep access to the system were unsuccessful, according to a watchdog report released Wednesday.

The attack took place in January 2020 on the bureau’s remote access servers.

U.S. Census Bureau computer servers uninvolved with the 2020 census were exploited last year during a cybersecurity attack, but hackers’ attempts to keep access to the system were unsuccessful, according to a watchdog report released Wednesday.

The attack took place in January 2020 on the bureau’s remote access servers.

According to the Office of Inspector General, the Census Bureau missed opportunities to limit its vulnerability to the attack and didn’t discover and report the attack in a timely manner. The statistical agency also failed to keep sufficient system logs, which hindered the investigation, and was using operating system no longer supported by the vendor, the watchdog report said.

The bureau’s firewalls stopped the attacker’s attempts to maintain access to the system through a backdoor, but unauthorized changes were still made, including the creation of user accounts, the report said.

In a written response, acting Census Bureau director Ron Jarmin reiterated that none of the systems used for the 2020 census were compromised, nor was the nation’s once-a-decade head count affected in any way.

“Furthermore, no systems or data maintained and managed by the Census Bureau on behalf of the public were compromised, manipulated or lost …” Jarmin wrote.

Advertisement. Scroll to continue reading.
Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Artificial Intelligence

Two new surveys stress the need for automation and AI – but one survey raises the additional specter of the growing use of bring...