Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Georgian Cyber Security. Show all posts

Georgia Tech Faces DOJ Lawsuit Over Alleged Lapses in Cybersecurity for Defense Contracts

 

Researchers at the Georgia Institute of Technology, who have received over $1 billion in Defense Department contracts, are facing scrutiny for allegedly failing to secure their computers and servers, citing that doing so was too “burdensome.” Since 2013, the Department of Defense has mandated that any contractor handling sensitive data provide “adequate security” on their systems. 

However, at Georgia Tech, laboratory directors reportedly resisted developing a security plan and opposed IT department efforts to implement basic antivirus and anti-malware software. Two IT department employees filed a whistleblower lawsuit, leading the Department of Justice (DOJ) to join the case against the university and the Georgia Tech Research Corporation (GTRC), the nonprofit entity managing government contracts. The lawsuit claims that the Astrolavos Lab at Georgia Tech delayed creating and implementing a security plan, as required by the government contracts. 

When a plan was finally created in 2020, it did not cover all relevant devices, according to the DOJ. Furthermore, the lab, whose mission is to address the security of emerging technologies critical to national security, did not install or update antivirus or anti-malware tools until December 2021. The lab allegedly fabricated compliance reports sent to the Defense Department. The reasons behind these alleged security lapses reportedly stem from campus politics. The DOJ complaint suggests that researchers bringing in substantial government funding were viewed as “star quarterbacks,” using their influence to resist compliance with federal cybersecurity mandates. 

Between 2019 and 2022, GTRC secured more than $1.6 billion in government contracts, with over $423 million in 2022 alone. The whistleblowers, Christopher Craig and Kyle Koza, filed the suit under the False Claims Act, allowing them to receive a portion of any recovered funds. Georgia Tech and GTRC face nine counts, including fraud, breach of contract, negligence, and unjust enrichment, with the DOJ seeking damages to be determined at trial. The DOJ stressed the importance of cybersecurity compliance by government contractors to safeguard U.S. information against threats from malicious actors. 

Meanwhile, Georgia Tech expressed disappointment at the DOJ’s filing, arguing it misrepresents the university’s culture and integrity, claiming that the government itself had indicated that the research did not require cybersecurity restrictions. Georgia Tech has vowed to dispute the case in court, maintaining that there was no data breach or leak and reaffirming its commitment to cybersecurity and collaboration with federal agencies.  

This case is notable given recent cybersecurity threats faced by major universities, such as the University of Utah and Howard University, where ransomware attacks have resulted in significant financial losses.

Georgia goes after crypto miners

On January 10, Georgian Economy Minister Natia Turnava told reporters that the Government of Georgia and the energy distribution company Energo-pro Georgia are engaged in solving the problem of illegal mining of cryptocurrencies in the Svaneti region, which leads to an overload of power grids.

The problem is connected with a sharp increase in electricity consumption over the past year in the Mestia region of Svaneti. Widespread mining in the area is associated with low tariffs for businesses in the highland area and free electricity for the local population.

In December, the Georgian authorities had to introduce an electricity supply schedule in Mestia due to network congestion and recurring accidents.

"Of course, illegal electricity consumption is unacceptable, especially the so-called problems with household mining, which, as we know, exist there. We are working with the local government, as well as with Energo-pro Georgia, which supplies electricity to Svaneti, to solve this issue step by step," Turnava said.

She added that she does not think it is justified to involve the police in identifying the mining farms. The Minister of Economy hopes that the population itself is aware of the threat to the tourism sector inherent in the district, and will draw conclusions about this based on its own interests.

It's interesting to note that at the end of December, Mestia residents held protests demanding the closure of mining farms and accused the authorities of patronizing miners.

Energo-pro Georgia announced that it will be forced to introduce tariffs for the population in this situation. Before the New Year, local residents swore on an icon in the church that they would turn off all mining farms in the area. But after the New Year, the energy distribution company said that electricity consumption has not decreased.

According to a study by the Cambridge Center for Alternative Finance, in 2018 Georgia was in second place in terms of the amount of electricity spent on mining cryptocurrencies — 60 megawatts.