Security News > 2021 > August > Postmortem on U.S. Census Hack Exposes Cybersecurity Failures

Postmortem on U.S. Census Hack Exposes Cybersecurity Failures
2021-08-19 14:35

Threat actors exploited an unpatched Citrix flaw to breach the network of the U.S. Census Bureau in January in an attack that was ultimately halted before a backdoor could be installed or sensitive data could be stolen, according to a report by a government watchdog organization.

Investigators found that officials were informed of the flaw in its servers and had at least two opportunities to fix it before the attack, mainly due to lack of coordination between teams responsible for different security tasks, according to the report, published Tuesday by the U.S. Department of Commerce Office of Inspector General.

The bureau also lagged in its discovery and reporting of the attack after it happened.

The report details and reviews the incident that occurred on Jan. 11, 2020, when attackers used the publicly available exploit for a critical flaw to target remote-access servers operated by the bureau.

Citrix released a public notice about the zero-day flaw-tracked as CVE-2019-19781-in December.

In January, a representative from the bureau's Computer Incident Response Team to proactively alert incident responders of suspicious network traffic, investigators found.


News URL

https://threatpost.com/postmortem-on-u-s-census-hack-exposes-cybersecurity-failures/168814/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-12-27 CVE-2019-19781 Path Traversal vulnerability in Citrix products
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0.
network
low complexity
citrix CWE-22
critical
 9.8
9.8