EXECUTIVE SUMMARY:
In 2016, the U.S. Census Bureau decided to digitize the nation’s population count. They faced a big decision: Build an in-house system for collecting and processing the count or buy one from an outside contractor. They chose the latter and selected a particular outside contractor.
Fast forward to 2019, and the project is facing serious reliability and security issues, according to current and former technology professionals involved in the digitization effort. In addition, the project’s cost has doubled to $167 million, $40 million above the original cost projection to build an in-house system.
During testing in 2018, the census website was hacked with IP addresses in Russia. An intruder bypassed a firewall and accessed parts of the system that were supposedly restricted to census developers. In the same test, the website experienced a domain name service attack, causing a sharp increase in traffic. While neither incident resulted in system damage or stolen data, the incidents raised concerns with security contractor’s ability to defend against sophisticated cyber attacks.
One concern focused on the system’s forensic capabilities. Would the system be able to accurately define the details of a significant malware infection?
Despite recent reports, the Census Bureau has claimed the problems have been fixed or in the process of being remedied. The potential cost of a breach or a system failure with the new digital system could compromise the count’s accuracy. Tampered results could affect outcomes such as each state’s representation in Congress and the allocation of up to $1.5 trillion a year in federal fund allocations.