- On October 6, 2021, the DOJ announced two new initiatives: the Civil Cyber-Fraud Initiative and the National Cryptocurrency Enforcement Team.
- The Civil Cyber-Fraud Initiative will fight rising cyber threats to government contractors and grant recipients. This initiative will involve enforcement of the False Claims Act to pursue cybersecurity related fraud by government contractors and grant recipients to penalize entities and individuals that knowingly provide deficient cybersecurity, misrepresent their cybersecurity practices, or violate their obligations to report incidents and data breaches.
- The newly created National Cryptocurrency Enforcement Team will pursue prosecutions against cryptocurrency exchanges and other entities that enable the misuse of cryptocurrency to commit criminal activity, such as money laundering or the receipt of ransomware payments. The team will also help to recover cryptocurrency lost to fraud and extortion, including payments to ransomware groups.
On October 6, 2021, the Department of Justice (DOJ) announced twin programs focusing on monitoring contractor cybersecurity, and combating cryptocurrency used for illicit purposes. This announcement is part of DOJ’s strategic cyber threat review, and follows a series of well-publicized cyber incidents and subsequent federal efforts to shore up security among government agencies and contractors.
In December of last year, a cyberattack exploited a flaw in a product produced by third-party software provider SolarWinds, which caused a breach in several federal agency networks.1 Similar supply chain focused cyberattacks occurred this year, including the May attack on fuel supplier Colonial Pipeline. On May 12, 2021, President Biden issued an Executive Order (EO 14.028) focusing on revamping supply chain cybersecurity, particularly for government contractors and software providers (read more about the EO in our previous post here). The effort builds on other...