Pierluigi Paganini October 11, 2020

The US DHS’s Homeland Threat Assessment (HTA) report revealed that threat actors have targeted the US Census network during the last year.

The US Department of Homeland Security revealed that unknown threat actors have targeted the network of the US Census Bureau during the last year.

The attacks were reported in the first Homeland Threat Assessment (HTA) report released earlier this week.

The US Census Bureau is the largest US federal government statistical agency responsible dedicated to providing current facts and figures about America’s people, places, and economy. 

Data collected by the agency is used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year.

According to the DHS, threat actors will likely interfere with the upcoming 2020 US Presidential election, as well as to compromise the 2020 US Census.

DHS warns of nation-state actors linked to China, Russia, Iran, and North Korea that will attempt to compromise or disrupt critical 2020 elections infrastructure, as well as try to interfere with the final vote.

“Advanced persistent threat or other malicious cyber actors likely will target election-related infrastructure as the 2020 Presidential election approaches, focusing on voter PII, municipal or state networks, or state election officials directly.” reads the DHS HTA.

The report mentions multiple attempts of gaining access to systems on the US Census network.

“Unidentified cyber actors have engaged in suspicious communications with the U.S. Census public-facing network over at least the last year, including conducting vulnerability scans and attempting unauthorized access,” continues the report. “Cyber activity directed at the U.S. Census could include attempts to gain illicit access to census-gathered bulk data; to alter census registration data; to compromise the census infrastructure supply chain, or conducting denial-of-service attacks.”

In the past, the US Census has been hit by attacks, such as hacks and DDoS attacks during a 2018 test of census systems attributed to Russia-linked hackers and a 2015 hack attributed to the Anonymous collective.

The HTA report warns of an intensification of malicious activities conducted by both nation-states and cybercrime groups. The document warns of destructive attacks against U.S. critical infrastructure.

“Federal, state, local, tribal and territorial governments, as well as the private sector, will experience an array of cyber-enabled threats designed to access sensitive information, steal money, and force ransom payments,” continues the HTA report.

The report pointed out the nation-state actors have different motivations.

Russia, China, and Iran are more focused on cyber-espionage while North Korea is “confined to criminal generation of revenue.”

This HTA annual report provides information of threats targeting the US to government and private sector partners.

Let me suggest to read it.

Pierluigi Paganini

(SecurityAffairs – hacking, US Census Bureau)

[adrotate banner=”5″]

[adrotate banner=”13″]