Oct 6, 2021 - Politics & Policy

DOJ launches new initiative to target contractor cyber-fraud

Photo of a sign that says "Robert F. Kennedy Department of Justice Building" outside the DOJ building

Photo: Stefani Reynolds/Bloomberg via Getty Images

The Justice Department has launched a new initiative to target government contractors and federal grant recipients that fail to report cybersecurity breaches, Deputy Attorney General Lisa O. Monaco announced Wednesday.

Why it matters: Cybersecurity has become an increasingly urgent concern amid the growth of cybercrime groups, foreign adversaries' cyber-espionage capabilities and multiple U.S. government hacks.

Details: The new Civil Cyber-Fraud Initiative will use "civil enforcement tools to pursue companies, those who are government contractors, who receive federal funds, when they fail to follow recommended cybersecurity standards," Monaco said.

  • It's intended to hold accountable anyone who puts U.S. information or systems at risk by "knowingly providing deficient cybersecurity products or services, knowingly misrepresenting their cybersecurity practices or protocols, or knowingly violating obligations to monitor and report cybersecurity incidents and breaches," per a DOJ release.
  • The initiative is a result of the DOJ's ongoing comprehensive cyber review, which Monaco ordered in May.

What they're saying: "For too long, companies have chosen silence under the mistaken belief that it is less risky to hide a breach than to bring it forward and to report it," Monaco said in a statement. "Well, that changes today. "

  • "This is a tool that we have to ensure that taxpayer dollars are used appropriately and guard the public fisc and public trust."

The big picture: A sweeping cyberattack by Russia last year compromised a wide range of high-profile agencies and companies, including the Treasury, Commerce and Homeland Security departments.

Go deeper