The 2020 Census approaches, fraught and politicized. The most visible issue seems to be the debate (and litigation) over whether it is fair to ask respondents if they are American citizens. This is surely a troubling question, but there is at least one other major problem looming with the census. It won’t draw much heat, in political or media terms, but it’s no less important. In fact, it could be much more serious than the citizenship flap. It’s the matter of data security.
Risk to census data is on the mind of Jonathan Couch, Vice President of Strategy at ThreatQuotient, which makes a threat intelligence platform. Couch brings impressive credentials to the discussion, having served in a number of roles related to advanced cyber warfare, cybersecurity, information operations and policy. These include stints in the Air Force at the National Security Agency, the Air Force Information Warfare Center and in Saudi Arabia for the Joint Task Force.
Couch’s concerns cross several dimensions of the census. First, there are the mechanics of the data collection and storage. As he points out, much of the census data will be collected digitally through devices like tablets. From there, census workers will upload the data to cloud-hosted databases. This architecture was devised to enable different groups of stakeholders, e.g. state and federal agencies, to have easy access to the data.
“One of the most striking aspects of the census, from a cyber security perspective, is the sheer size of the effort,” Couch says. “You’ve got thousands of people collecting information on thousands of devices. That alone is a big attack surface area. But, the red teamer in me wants to ask, ‘what happens if someone loses a device?’ or ‘what are the authentication rules for the main database?’ Who gets access? Is the data submission secure? How? How is it logged, and on and on?”
Preserving data integrity is absolutely essential for the Census. Over 2,500 government programs depend on the Census. Without accurate information, many elements of the government and the citizens they serve will suffer.
These practical concerns are actually secondary to Couch’s bigger worry. “We’re not seeing the plans for securing the census,” he says. “It appears that the Census Bureau is not serious about bringing cybersecurity industry partners into the process of designing the data collection workflow. Neither I, nor anyone else I know in the security sector, has any idea how this is being implemented or secured.”
Couch doesn’t know why details are not available. “Maybe it’s like healthcare.gov, where the administration is concerned about revealing too much, for political reasons. If that’s the case, it’s an error in judgement, in my view.” Alternatively, Couch suspects the government is attempting a “security through obscurity” strategy, figuring if they publish nothing about the Census data and security architecture, it will be harder to hack. “This has been proven wrong,” Couch adds. “Someone will always find it and find a way in, for bragging rights, if nothing else.”
In Couch’s mind, the biggest threats to the Census involve malicious actors manipulating data in order to manipulate budgets, voting district residential tallies and so forth. “It could be ransomware, too,” he shares. “You don’t want to think about what that will look like.”
Couch recommends bringing together a consortium of companies and individuals to look at the Census’ architecture. Then, they might find areas where that specific technology and architecture have been used before and tested for security. “This way, we can start to gain confidence that it will at least work properly and be secure. Then, I would do a bug bounty,” Couch says. “Let’s pay people to break in. It will save a lot of time, embarrassment and money down the road.” He also advocates using a “trust but verify” approach with paper backups to information gathering processes. “That way, we can spot check and cross-correlate data,” Couch says, adding, “I think the country deserves this level of care in the Census. It’s too important to treat it in the current manner.”