United States Census Bureau fell victim to a cyberattack in January 2020 that was traced back to a Citrix vulnerability.
The attackers managed to breach the internal network used to manage the agency’s remote workers but the automated firewall blocked communications with the attacker’s command and control servers.
No census information or data was accessed by the attackers as the backdoor was discovered and removed.
TPRM report: https://scoringcyber.rankiteo.com/company/us-census-bureau
"id": "usc13507522",
"linkid": "us-census-bureau",
"type": "Cyber Attack",
"date": "01/2020",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"{'affected_entities': [{'industry': 'Government',
'location': 'United States',
'name': 'United States Census Bureau',
'type': 'Government Agency'}],
'attack_vector': 'Network Intrusion',
'date_detected': 'January 2020',
'description': 'The United States Census Bureau fell victim to a cyberattack '
'in January 2020 that was traced back to a Citrix '
'vulnerability. The attackers managed to breach the internal '
'network used to manage the agency’s remote workers but the '
'automated firewall blocked communications with the attacker’s '
'command and control servers. No census information or data '
'was accessed by the attackers as the backdoor was discovered '
'and removed.',
'impact': {'systems_affected': ['Internal network for remote workers']},
'initial_access_broker': {'backdoors_established': ['Backdoor discovered and '
'removed'],
'entry_point': 'Citrix Vulnerability'},
'post_incident_analysis': {'root_causes': ['Citrix Vulnerability']},
'response': {'containment_measures': ['Automated firewall blocked '
'communications',
'Backdoor discovered and removed']},
'title': 'United States Census Bureau Cyberattack',
'type': 'Cyberattack',
'vulnerability_exploited': 'Citrix Vulnerability'}