Kriston Capps is a staff writer for CityLab covering housing, architecture, and politics. He previously worked as a senior editor for Architect magazine.
[ad_1] CHESTER COUNTY — Thousands of residents of Chester, Montgomery, Delaware, and other counties still have not responded to the U.S. 2020 Census, and that will mean lost federal revenue […] View full post on National Cyber Security
Source: National Cyber Security – Produced By Gregory Evans The U.S. Census Bureau’s decennial count is raising concerns that its new digital systems are vulnerable to attacks or malfunctions that could unfairly rejigger congressional seats or shuffle federal resources. The 2020 headcount, for the first time conducted primarily online, kicked off in remote parts of […] View full post on AmIHackerProof.com
be made on April 1, 2020. For the first time, the United States Census will
offer a full internet response option, in addition to traditional paper
responses. The digitization of the census is meant to address the challenges of
counting an increasingly large and diverse population, while also complying
with strict cost constraints imposed by Congress. But as with most
technological breakthroughs, there are plenty of risky implications.
first for the U.S., other countries have hosted censuses online before. Most
notably, the 2016 census in Australia involved the country being hit with a DDoS
attack that brought down the system for 40 hours and caused a plethora of
data was compromised, but as the U.S. gears up for its inaugural online census,
there is pressure to get it right. Security experts and citizens alike find
themselves asking the tough questions: Do we truly understand the risks
involved in an online census? How can we prepare to face potential security
concerns, and what happens if we fail to do so?
critical that both citizens and government agencies are aware of the potential
cybersecurity threats that exist with this transition. From compromised
respondent devices to disrupted network access and data breaches, there’s
plenty of room for error.
operation that is nation-wide, has a strict deadline and involves sensitive
data faces some major technical challenges and malicious cyber threats. Given
the important implications of the census for the U.S. government and its
population, the most immediately concerning are attacks and vulnerabilities that
impact the quality or security of the data in inconspicuous ways:
There are certainly
plenty of risks, but there are also steps and precautions that we can take now
to keep anticipated threats at bay and ensure an accurate, secure census in
the Best, Prepare for the Worst
that the U.S. Census Bureau has had a decade to prepare, but in today’s cyber
landscape, new threats and attack vectors are being developed that can’t always
be foreseen. With so much at stake, professionals are working around the clock
to identify potential mishaps and develop security strategies and mitigation
In terms of
precautions, there are several critical actions that can be taken to protect
our data and prepare for a successful and reliable census. First and foremost,
we must ensure that our internet service providers are not vulnerable to DNS
hijacking attacks and that all collected data is encrypted, both at rest and in
transit, in ways that are very difficult to decrypt.
making sure the internal and external networks have next generation firewalls
and advanced threat protection capabilities will mitigate the risks of
compromised network access, impersonation of U.S. Census Bureau websites and
to the precautions government entities must take, there is one important thing
the average citizen can do to protect their data – be aware of the timelines
of the census and suspicious of any phishing emails you receive prior to April
1 or afterwards, asking for similar information as the census. Any email
purporting to be from the Census Bureau requesting financial information,
social security numbers or specific birth dates, for example, should be
reported to the FBI’s internet crime center.
happens if we fail to adhere to these precautions? What is the potential
the “What ifs”
census holds extreme importance, in that it helps ensure citizens’ voices are
heard and everyone is represented. It has major implications for public decision-making
processes, including divvying up seats in Congress, dispersing public funding
and planning for Social Security.
properly prepared, we risk inaccurate, unclear or untrusted census results. In
this scenario, the faulty data would still be used to make decisions on
redistricting maps and funding allocations for community services and other
crucial programs that citizens need to thrive and prosper.
Government Accountability Office (GAO) has issued seven recommendations for managing the risk associated
with conducting an online census, all of which are key to the program’s success
and integrity. However, with just half a year to go until Census Day, it’s time
to move beyond recommendations for planning and into action.
By placing a
renewed focus on the technology vendors and supply chains being used by government
agencies, and educating and preparing citizens across the country, we’ll be well
on our way to a successful 24th U.S. Census.
The post #cybersecurity | hacker | How to prepare for the U.S. Census to move online appeared first on National Cyber Security.
View full post on National Cyber Security
With the next census, for the first time ever, respondents will be able to fill out their questionnaires online. This marks a major transition for the count, which guides the apportionment of seats in Congress and the disbursement of hundreds of billions of dollars in federal funds. Giving Americans the option to fill out the 2020 census by laptop or smartphone means dragging Article 1, Section 2 of the U.S. Constitution into the 21st century. For better or for worse.
Worries over the looming census run beyond the typical concerns about underfunding and understaffing (although those are fraying nerves this time around also). Putting the census online opens a Pandora’s box of new risks, including meddling from hackers and scammers, and there’s evidence that vultures are already circling. While the first-ever online census introduces challenges for consumer protection and data security, the greatest threat to the census itself may be inequality—specifically, the digital divide.
“Asking people to fill out a form on their phone is quite different and complicated from asking people to use a social media app,” says Greta Byrum, co-director of the Digital Equity Laboratory at the New School.
First, the good news: An overwhelming majority of adults in America know about the census and plan to participate. The brand is strong, according to the Pew Research Center, despite the Trump administration’s failed effort to pin a divisive citizenship question onto the questionnaire. Yet its (quite literal) household-name status also makes it a high-value target for players intent on misleading people.
For example, in October, the Republican National Committee issued a mailer in Bozeman and other areas in Montana that represented itself as a “2019 congressional district census.” The document was really a disguised solicitation for President Donald Trump’s re-election campaign, leading officials in Montana to condemn the “imitation census” as misinformation.
Other census-lookalike forms are designed to lure people to sites where they might be asked for identifying personal information or financial records (even though the census doesn’t ask for these details). “We’ve already seen cases of fake mailers, where they ask people to go to some random URL,” Byrum says. She gives an example of a library patron in Canandaigua, New York, who brought a mimic mailer in to the local library to ask whether it was an official census form.
When the official 2020 census launches next April, the mailers that come to households will direct respondents to a web address and provide them with a unique identifying code. That opens a window for fraud: Bad actors might design convincing spoof sites that look like an official census portal, or they might zero in on (say) a wifi network created for census response by a neighborhood complete count committee. All the usual malware maladies that plague email could be tried against the census, and the same people who are vulnerable to those attacks—older people and those less familiar with online interactions—may be victimized. Other scammers pretend to be Census Bureau staffers and use analog methods of deceit to lure victims into handing over Social Security numbers and other identifying personal information over the phone or at the door. Organizations like AARP have been warning members how to better identify census fraud threats and imposters.
The U.S. Census Bureau’s 2020 data collection push itself could also be a target. When Australia launched its first online census in 2016, it was subject to a distributed denial of service attack that crashed the site, forcing authorities to take it down. Security experts have warned the Bureau that census data will be vulnerable both during transmission and at rest. Earlier this year, officials from the Government Accountability Office testified before the House that the Census Bureau had flagged more than 500 corrective actions to be taken during a cybersecurity risk assessment, nearly half of which were deemed high risk.
“The Census Bureau has been extremely guarded about how they’re building these systems,” Byrum says. “There was a long delay on procurement of these contracts because of the [federal government] shutdown [in 2018–19]. The Census Bureau is really far behind on building the IT systems.”
Delays, budget uncertainties, and lapses in leadership have loomed over the census. While three full trials were planned to test all 50-odd new IT systems for the 2020 Census, the bureau scaled back its preparations to a single dress rehearsal in Rhode Island’s Providence County due to funding shortfalls. “When we went into the end-to-end pilot in Rhode Island in 2018, several of the systems were not completed yet. We haven’t seen them. They haven’t been tested in the field. They’re not going to be tested.”
Even the system for ensuring that the census reaches hard-to-count households is brand new. For the 2010 census, the bureau hired about 160,000 temporary workers known as “listers” to canvas nearly every block in the nation and generate the agency’s master address file (part of a much larger temporary workforce). As a cost-saving mechanism, the Census Bureau scaled back the door-to-door canvassing operation for 2020. The agency is splitting this task into “in-field” and “in-office” efforts. The latter involves sophisticated data analysis techniques, including machine learning and satellite imaging, to generate a profile for places that have added addresses.
As a result, the Census Bureau is only physically canvassing a quarter of the blocks that the agency covered for the last census. During the single (and only) end-to-end trial conducted of the census, the in-office (digital) canvassing results differed from the in-field (analog) canvassing results for 61 percent of the blocks tested, according to a final internal report on the trial.
“If there’s an over-representation of folks who have internet at home, we don’t know that the nonresponse follow-up systems as it exists is going to be able to identify who has not been counted,” Byrum says. “We’re not sure there’s any corrective mechanism to identify or measure an undercount.”
There won’t be another dress rehearsal before Census Day (April 1, 2020). The 2018 practice run in Providence County did not exactly inspire confidence, according to James Diossa, the mayor of Central Falls, Rhode Island. Outreach was nonexistent. Worse still, Commerce Secretary Wilbur Ross announced the citizenship question in March 2018, midway through the test, adding to the confusion. “There was no information, no advertising, no discussions happening from the Census Bureau around this test trial run,” Diossa told CityLab earlier this year.
“Folks would rather not transmit their data through systems that they neither understand nor trust.”
Yet outreach is an enormous obstacle for the 2020 census, thanks to the deep divides in the ways that American reach and use the internet. In New York City, for example, more than 917,000 households lack access to broadband at home—29 percent of the city, per a July report on the census from the Office of the New York City Comptroller. This digital divide tracks neatly with existing borders that define marginalized populations, including race, class, and ethnicity. Nearly half of the homes in Borough Park, Kensington, and Ocean Parkway in Brooklyn lack broadband access at home, while on the Upper East Side that figure is just 15 percent.
Broadband access isn’t the only measure of the digital divide. Sticking with New York, about 38 percent of households without internet access at home pay for data on a mobile device. Smartphones may be ubiquitous among communities of color, particularly in low-income communities, but that isn’t a closing of the digital divide, says Maya Wiley, professor at the New School and founder and co-director of the Digital Equity Laboratory. “Try doing your homework on a mobile phone,” she says.
Black and Hispanic adults, who are more likely to have unreliable access to the internet in the first place, also harbor greater doubts about the census, according to the research from Pew. And no wonder: The Trump administration took great pains to introduce a citizenship question as a way to give an edge to Republicans and non-Hispanic whites. While the effort to add the citizenship question failed, the distrust lingers, and putting the census online raises a whole new category of objection.
“Folks would rather not transmit their data through systems that they neither understand nor trust,” says Melva M. Miller, executive vice president for the Association for a Better New York, a nonprofit that has identified 2020 census outreach as a priority.
Maximizing New York City’s self-response rate is one of her association’s goals going into a census that could see the state as a whole lose billions of dollars in federal funds as well as one or more seats in Congress. Developing messaging to reach hard-to-count communities means coming up with the strategy that’s most likely to reach a trusted figure within a particular demographic, whether that’s a maternal head-of-household, religious leader, or social media platform. And the answer changes wherever you go.
“I was in a conference and sitting on a panel with a woman who is organizing in the state of Arkansas, and she mentioned that there’s been some hesitation among the minority community specifically in Arkansas around filling out the form online. Their preference was to complete the form over the phone,” Miller says. “In our focus groups [in New York], we saw the absolute opposite. Filling out the census over the phone was the least favorite option, even after enumerators knocking on individual doors.”
Public libraries are likely to be the front line in census outreach: That’s where many people who don’t have home access to the internet go to get online. And as trusted arbiters of information across many different communities, librarians have been preparing for the 2020 census for at least two years, according to Larra Clark, deputy director for policy at the Public Library Association (part of the American Library Association). In fact, librarians are already doing some heavy lifting for the 2020 count: They’re helping library users apply for and train for jobs with the Census Bureau, processes that have migrated online with this census.
“Every time we see a government activity move online, whether it’s only online or partly online, every single time we see an impact on our public libraries,” Clark says. “So much about the census is about what public libraries do every day ensuring people have a safe and effective online experience.”
Librarians, faith leaders, and other standard bearers have their work cut out for them. For the 2020 census to succeed, they’ll have to help communities across the country bridge the gulfs of digital illiteracy and lack of accessibility. Success assumes that the government’s untested census technologies hold up to attacks from pirates, hackers, and foreign governments. And if everything works—well, we’ll never know, really. The Census Bureau isn’t conducting a control trial to see how the online census measures up to past efforts.
“If we have a census where a large percentage of the population don’t have faith in the results,”Byrum says, “then we’re in a very poor position when it comes to how we make those decisions or how we litigate going forward regarding these very important issues.”
The post #deepweb | <p> Technology Might Save, or Doom, the 2020 Census <p> appeared first on National Cyber Security.
View full post on National Cyber Security
A government advisor says the Census was attacked by an unknown source last night.
Special Advisor to the Prime Minister on Cyber Security, Alastair MacGibbon spoke with Tom Elliott.
“We didn’t cover ourselves in glory last night, there’s no doubt.”
The post Cyber Security advisor to the PM says the Census was attacked not hacked appeared first on National Cyber Security.
View full post on National Cyber Security
Online hacking group Anonymous is taking responsibility for breaching U.S. Census Bureau databases and posting what looks like personally identifiable information on various federal and state government employees. In a tweet Wednesday, the collective posted a link to a website that houses four large text documents that appear to include the names, email addresses, work addresses and office phone numbers for thousands of current and former federal employees. One of the documents also appears to list information on employees in a number of different states, as well as information on employees of private accounting and auditing firms across the country. Another document also seems to show password hashes of database users, along with a library of various Oracle database utilities and files. In a statement to FedScoop, Census spokesman Michael Cook said the bureau is investigating “unauthorized access to non-confidential information on an external system that is not part of the Census Bureau internal network.” Access to that system has been restricted as part of the bureau’s investigation. The breach was first reported by the U.K. edition of the International Business Times. The bureau did not comment on whether they discovered the hack themselves or were alerted by another agency. […]
For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com
The post Anonymous claims responsibility for Census Bureau hack appeared first on National Cyber Security.
View full post on National Cyber Security