Defensive Security Podcast Episode 267

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec - A podcast by Jerry Bell and Andrew Kalat

Categories:

Defensive Security Podcast Episode 267   Links: https://www.justice.gov/opa/pr/aerojet-rocketdyne-agrees-pay-9-million-resolve-false-claims-act-allegations-cybersecurity https://us-cert.cisa.gov/ncas/alerts/aa22-187a https://www.zdnet.com/article/these-are-the-cybersecurity-threats-of-tomorrow-that-you-should-be-thinking-about-today/ jerry: [00:00:00] Alright, here we go. Today is Sunday, July 10th, 2022. And this is episode 267 of the defensive security podcast. My name is Jerry Bell and joining me tonight as always. Is Mr. Andrew Kellett. Andy: Good evening, Jerry, how are you? Good, sir. jerry: I’m doing great. How are you doing? Andy: I’m good man. It’s hot and steamy in Atlanta. Tell you that much. jerry: Yeah. I ‘ve been back for a month from my beach place. And I think today’s the first day that we’ve not had a heat advisory. [00:01:00] Andy: Yeah, that’s crazy. jerry: which it has been brutally hot here. Andy: Now, when you say beach place, you might have to be more specific, cause you’ve got one like seven beach houses now. jerry: Well, the Southern most beach house. Yes. Andy: Yeah. One is the Chateau. One’s technically a compound. jerry: One’s an island, Andy: that’s. Andy: We’re going to have to probably name them because. They’re tough to keep straight. jerry: They definitely are. Yup. Andy: But, I, for one. Appreciate your new land barronness activities. And look forward to. Andy: Jerry Landia being launched and seceding from the United States. jerry: Hell. Yeah. That’s right. Andy: I’ll start applying for citizenship whenever I can. jerry: Good plan. Good plan. All right. A reminder. We should probably already said this, but the thoughts and opinions we expressed on the show are ours and do not represent those of our employers. Andy: But for enough money, they could jerry: yeah. Everything is negotiable. [00:02:00] All right. Couple of really interesting stories crossed my desk. Recently and the first one comes from the US department of justice of all places. And the title here is Aerojet , Rocketdyne agrees to pay $9 million to resolve false claims act allegations. jerry: Of cybersecurity violations in federal government contracts. So the story here is that there’s this act, as you could probably tell by the title called the false claims act that permits an employee of a company who specifically does business with the US government to Sue the company under the false claims act claiming that the company is misrepresenting itself in the execution of its contracts. And if that [00:03:00] lawsuit is successful, the person making the allegation, basically it’s a whistleblower kind of arrangement. The person making the allegation gets a cut of the settlement. And so in this particular case the whistleblower received $2.61 million dollars of the $9 million. Andy: Wow. So his company. In theory was lying on their security controls. And he found out about it or knew about it. And was a whistleblower. About it is getting 2.61 million. jerry: Correct. Correct. Andy: Have to go check everything in my company. I’ll be right back. jerry: I’m guessing that his lawyers will probably take about 2 million of the 2.61, but, Hey, it’s still. jerry: still. money, right? Andy: That’s crazy. It reminds me, it’s probably a lot of our listeners are too young for this, but.