Photo: Stefani Reynolds/Bloomberg via Getty Images
The Justice Department has launched a new initiative to target government contractors and federal grant recipients that fail to report cybersecurity breaches, Deputy Attorney General Lisa O. Monaco announced Wednesday.
Why it matters: Cybersecurity has become an increasingly urgent concern amid the growth of cybercrime groups, foreign adversaries' cyber-espionage capabilities and multiple U.S. government hacks.
Details: The new Civil Cyber-Fraud Initiative will use "civil enforcement tools to pursue companies, those who are government contractors, who receive federal funds, when they fail to follow recommended cybersecurity standards," Monaco said.
- It's intended to hold accountable anyone who puts U.S. information or systems at risk by "knowingly providing deficient cybersecurity products or services, knowingly misrepresenting their cybersecurity practices or protocols, or knowingly violating obligations to monitor and report cybersecurity incidents and breaches," per a DOJ release.
- The initiative is a result of the DOJ's ongoing comprehensive cyber review, which Monaco ordered in May.
What they're saying: "For too long, companies have chosen silence under the mistaken belief that it is less risky to hide a breach than to bring it forward and to report it," Monaco said in a statement. "Well, that changes today. "
- "This is a tool that we have to ensure that taxpayer dollars are used appropriately and guard the public fisc and public trust."
The big picture: A sweeping cyberattack by Russia last year compromised a wide range of high-profile agencies and companies, including the Treasury, Commerce and Homeland Security departments.
- The Chinese government was tied to new hack attacks on the U.S. government earlier this year.
- Ransomware has become its own pandemic, Axios' Felix Salmon and Ina Fried write.
- The White House is working with several tech leaders to address the growing wave of cyberattacks.