The U.S. Justice Department released the information below:
Defense contractor LOGZONE Inc. of Huntsville, Alabama has agreed to
pay $507,144 to resolve its liability under the False Claims Act for knowingly
failing to comply with cybersecurity requirements in contracts with the
Department of the Navy.
“Government
contractors that obtain sensitive defense information in administering their
contracts must follow required cybersecurity standards,” said Assistant
Attorney General Brett A. Shumate of the Justice Department’s Civil Division.
“The Justice Department will continue to investigate potential violations of
these cybersecurity requirements in order to protect this critical information
from external threats.”
“The protection
of sensitive defense information by government contractors is critical to
national security,” said U.S. Attorney Phillip W. Williams Jr. for the Northern
District of Alabama. “Adherence to the cybersecurity provisions of contracts
with the federal government must be a priority for all contractors, and this
enforcement action should serve as a reminder of that.”
“The
cybersecurity provisions of federal contracts are critical to protecting
sensitive information that may be transmitted in carrying out the mission of
the contracts,” said Navy Vice Admiral Stephen Tedford, Director of the Defense
Contract Management Agency. “DCMA will continue to ensure that contractors are
fulfilling these obligations.”
The settlement
resolves allegations under the False Claims Act that LOGZONE knowingly
submitted false or fraudulent claims for payment on two Navy contracts for
which LOGZONE had not complied with the contracts’ cybersecurity requirements.
From May 2021 to March 2025, LOGZONE allegedly failed to implement certain
cybersecurity controls in National Institute of Standards and Technology (NIST)
Special Publication (SP) 800-171 that, if not implemented, could lead to
significant exploitation of the system or exfiltration of sensitive defense
information. These issues were identified when the Defense Contract Management
Agency assessed LOGZONE’s implementation of NIST SP 800-171 security controls,
which resulted in LOGZONE receiving a score of -170, at the low end of the
possible score range of -203 to 110.
The resolution
obtained in this matter was the result of a coordinated effort between the
Justice Department’s Civil Division, Commercial Litigation Branch, Fraud
Section and the U.S. Attorney’s Office for the Northern District of Alabama
with assistance from the Department of the Navy Office of the General Counsel,
NCIS, the Department of the Army Criminal Investigation Division, and the
Defense Contract Management Agency’s Defense Industrial Base Cybersecurity
Assessment Center.
This year the
Administration launched the Task Force to Eliminate Fraud and the National
Fraud Enforcement Division to enhance the Administration’s war on fraud, waste,
and abuse in federal programs. When unscrupulous actors exploit these programs
for their own financial gain, they defraud the government, harm the people
these programs are designed to aid and protect, and undermine American
businesses that play by the rules. The Civil Division’s FCA enforcement plays a
critical role in combatting such fraudulent schemes, recovering billions of
dollars for the American taxpayers, and holding wrongdoers accountable. FCA
matters will continue to be on the forefront of the battle against fraud, and
the Civil Division’s FCA work will support and advance the mission of the Task
Force to Eliminate Fraud and the National Fraud Enforcement Division.
The matter was
handled by Fraud Section Trial Attorney Graham D. Welch and Assistant U.S.
Attorney Don Long for the Northern District of Alabama.
The claims resolved by the settlement are allegations only, and there has been no determination of liability.
No comments:
Post a Comment