DOJ's New Civil Cyber-Fraud Initiative
What Does the DOJ's New Civil Cyber-Fraud Initiative Mean for Whistleblowers?
On October 6, 2021, Deputy Attorney General Lisa O. Monaco announced the DOJ's new Civil Cyber-Fraud Initiative, which will utilize the False Claims Act to penalize government contractors who fail to comply with requisite cybersecurity standards. This initiative is no surprise, as the DOJ listed cybersecurity as one of six priorities for upcoming FCA enforcement.
What is the Civil Cyber-Fraud Initiative?
The Civil Cyber-Fraud Initiative memorializes the DOJ's commitment to using the FCA to enforce cybersecurity standards that are requisite to government contracts. While the initiative targets technology companies who knowingly provide inadequate cybersecurity products or services, the initiative also implicates companies outside of the technology industry. Any company who contracts with the government and makes misrepresentations about its cybersecurity practices or fails to monitor and report any breaches could face FCA liability.
Why is the Civil Cyber-Fraud Initiative Important?
Incidents such as the 2021 Colonial Pipeline cyberattack emphasize the importance of preventing cyber fraud. When hackers launched a cybersecurity attack involving ransomware against Colonial Pipeline, the pipeline shut down, resulting in fuel shortages throughout much of the East Coast. As companies become more reliant on technology, it becomes increasingly important that they uphold cybersecurity standards, as cyber fraud not only compromises information, but can also disrupt operations.
How Does the FCA Apply to Instances of Cyber Fraud?
In recent years, there have already been a few FCA cases involving cyber-fraud allegations. For example, in August 2019, Cisco Systems, Inc. paid $8.6 million to resolve FCA allegations arising from security flaws in their video surveillance products. The relator alleged that "Cisco markets the product as particularly suited for government customers, and knows that the product is routinely sold to government customers, even though Cisco knows that these critical security flaws render the product largely ineligible for purchase by government entities."
In May 2019, a court denied a motion to dismiss an FCA complaint alleging that Aerojet misrepresented its compliance with cybersecurity requirements when contracting with National Aeronautics & Space Administration ("NASA") and the Department of Defense ("DoD"). While the agencies knew that Aerojet was not fully compliant with the requirements, they concluded that it would be "relatively simple" for Aerojet to become compliant and entered into a contract with it. However, the relator alleged that Aerojet was actually further away from compliance than they represented to the government. Accepting these allegations as true, the court found that the government's decision to enter into a contract with Aerojet may have been based on Aerojet's misrepresentations about its cybersecurity compliance. In other words, cybersecurity compliance may be relevant to the central purposes of the contract, thus satisfying the FCA's rigorous materiality requirement.
What Should I Do If I Witness Cyber Fraud?
If you are aware of fraud against the government, whether in cybersecurity or another sector, you may be eligible to blow the whistle in a False Claims Act lawsuit and may be entitled to a portion of the recovery. To find out more, contact Goldberg Kohn for a confidential consultation.
1Complaint, United States of America ex rel. Glenn v. Cisco Systems Inc., No. 1:11-cv-00400 (W.D.N.Y.)
2United States ex rel. Markus v. Aerojet Rocketdyne Holdings, Inc., No. 2:15-cv-2245 WBS AC (E.D. Cal. May 8, 2019)
Recent Posts
- Precision Lens Pays $487 Million in False Claims Act Case
- Second Chance Body Armor - A False Claims Act Case Study
- Wage Law Violations in Federal Construction Contracts
- Before Blowing the Whistle: 5 Things You Should Know
- False Claims Act and the Opioid Crisis
- Fighting Environmental Fraud with the False Claims Act
- Do Pre-Filing Releases in Private Agreements Bar False Claims Act Lawsuits?
- Telehealth Fraud
- COVID-19 Vaccine Fraud and the False Claims Act
Topics
- Ambulance Fraud
- Circuit Court Opinions
- Corporate Fraud
- Cost-Plus Contracts
- Criminal Fraud Charges
- Department of Justice
- Evidence
- Farm Subsidy Fraud
- Goldberg Kohn
- Grant Fraud
- Healthcare Fraud
- Higher Education
- Housing and Urban Development
- Kickbacks
- Legal Procedures
- Legislation
- Materiality
- Medicaid
- Medical Devices
- Medicare
- Military & Defense Fraud
- Nursing Home Fraud
- Pharmaceutical Fraud
- Price Gouging
- Qui Tam
- Real Estate Fraud
- Rule 9(b)
- Securities and Exchange Commission
- Shipping Industry
- Supreme Court
- Tax Fraud
- Unnecessary Medical Services and Procedures
- Upcoding
- Whistleblower Awards
- Whistleblower Information
- White House