Thursday, December 8, 2022

DOJ empowers False Claims Act, Federal contractors’ cybersecurity threat

U.S. Department of Justice (DOJ) disclosed on Wednesday intentions of implementing the False Claims Act as an additional measure to follow-up on cybersecurity cases intertwined with federal contractors playing a role in exposing the country’s security ecosystem to cybersecurity threats.

Deputy Attorney General Lisa O. Monaco introduced this week the Civil Cyber-Fraud Initiative that will influence the current False Claims Act (FCA) to “pursue cybersecurity-related fraud by government contractors and grant recipients.”

The initiative will hold federal contractors or individuals accountable for exposing U.S. Cyberinfrastructure to threats by intentionally equipping federal agencies with defective cybersecurity equipment or services, according to the DOJ’s press release.

In parallel, federal contractors could be facing heavy penalties for breaching commitments to observe and report cybersecurity threats and breaches.

“Today, we are launching a Civil Cyber Fraud Initiative,” Lisa Monaco said at the virtual Aspen Institute Cyber Summit.

“For too long, companies have chosen silence under the mistaken belief that it’s less risky to hide a breach than to bring forward and to report it. Well, that changes today. We are going to go after that behavior and extract very hefty fines, so this is a tool that we have to ensure that taxpayer dollars are used appropriately and to guard the public trust, and that is what we are going to do with respect to this civil fraud initiative,” she added.

With the surfacing presence of whistleblowers exposing Big Tech companies for their misleading demeanor with U.S. federal agencies, the Deputy Attorney General added that safety will be provided to whistleblowers who seek to report any kind of federal cybersecurity standards violation, be it by governmental or private contractors.

As a wave of cyberattacks overtook strategic federal organizations, such as the SolarWinds hack giving Russian governmental hackers access to a multitude of U.S. federal agencies in 2020, the Colonial Pipeline breach, the UAE’s Project Raven, and IT company Kaseya has brought absolute chaos to the U.S. federal “secure” infrastructure.

As a consequence of the ever-growing hacking emergence, the House of Representatives and Senates have implemented various bills demanding federal agencies, significant infrastructure owners, and operators to vocalize critical cybersecurity threats and breaches to federal authorities.

The DOJ’s approach to scrap ransomware threats is the first step for Congress to ratify a national benchmark to expose cyber incidents that expose the country to hazardous threats that expose “critical infrastructure and their supply chain.”

The Department will create a National Cryptocurrency Enforcement Team in an attempt to deconstruct cryptocurrency exchanges adopted by hackers to ease up the process of obtaining ransomware payments by exposed victims.

The initial step will be picking the appropriate personnel to be positioned as the team leader to “identify, investigate, support, and pursue cases against cryptocurrency exchanges, infrastructure providers, and other entities that are enabling the misuse of the cryptocurrency.”

Member of the team that will revolt against incriminating cryptocurrency exchanges will be extracted from various DOJ entities, such as the Criminal Division’s Money Laundering and Asset Recovery Section, the Computer Crime and Intellectual Property Section, and Criminal Division employees derived from U.S. attorneys’ offices from various areas in the U.S.