The post 2022 Best Bosses in Fed IT voting is open appeared first on FedScoop.

The tech company hopes to overturn the initial ruling of the U.S. Court of Federal Claims, which identified issues with the $10 billion cloud contract’s award structure but said that potential conflicts of interest had not affected Oracle’s chances or cost it the deal. Oracle then brought its case to a federal appeals court, which also quashed its appeal.

The new brief comes after Amazon earlier this month filed its own arguments in this case as a co-defendant, calling on the Supreme Court to avoid making a decision over the contract because it contained disputes over matters of fact rather than disputes over points of law.

According to Oracle’s lawyers, the appeals court in its prior judgment failed to consider the fact that a criminal conflict of interest “alone” renders a federal contract unenforceable.

“Both of those two errors are mistakes of law, not fact,” Oracle said in its submission to the court.

The cloud computing company argues that the U.S. Court of Appeals made a serious error when it rebuffed an early appeal and kept the contract award intact.

JEDI is a key component of the Department of Defense’s larger enterprise cloud strategy. The contract was first put up for bid in 2018 before DOD awarded it to Microsoft in late 2019, but since then, it’s been largely dormant due to a separate legal protest led by Amazon.

But even before that award, Oracle has been waging an ongoing legal battle. It started in August 2018 with a pre-award bid protest filed to the Government Accountability Office, claiming that the sole-source structure of the award is not justified and arguing in court documents that links between DOD employees and Amazon Web Services had hurt its chances at competing for the contract. After GAO denied the protest, Oracle took its case to the Court of Federal Claims, then the U.S. Court of Appeals, and now its reached the nation’s highest court.

Meanwhile, the DOD has been reassessing what it might do if JEDI is held up much longer in the courts. Earlier this month, Deputy Secretary of Defense Kathleen Hicks said DOD could take a new direction on the contract by next month, and that it was “actively looking at [its] options.”

Previously, a Court of Federal Claims judge granted AWS’s requested timeline for hearings in its separate litigation. The web hosting giant continues to seek the disclosure of additional internal communications from the Department of Defense, including emails and Slack messages.

This followed a decision in April by the same court to stop the government from dismissing AWS’s allegations of political interference, elongating the timeline for a decision in that case. AWS has protested the DOD’s decision to award the deal to Microsoft, alleging that the procurement was influenced by former President Donald Trump, who has publicly criticized Amazon founder and Washington Post owner Jeff Bezos.

AWS and Oracle did not respond to a request for comment.

The post Oracle petitions Supreme Court over $10B JEDI protest appeared first on FedScoop.

Hackers within the Russian group Nobelium are believed to have accessed USAID’s Constant Contact email marketing service account, according to Microsoft, who published a blog post late Thursday on the attack. Once the group had access to the USAID account, it began a larger intelligence-gathering phishing campaign targeting 3,000 email accounts at more than 150 different organizations, including other agencies, think tanks, contractors and non-governmental organizations.

It’s unclear from the blog post whether the attackers accessed other USAID systems or data. Microsoft did not comment beyond the information in the blogs.

“[T]he actor was able to distribute phishing emails that looked authentic but included a link that, when clicked, inserted a malicious file used to distribute a backdoor we call NativeZone,” Microsoft’s Tom Burt wrote in the blog post. “This backdoor could enable a wide range of activities from stealing data to infecting other computers on a network.”

Microsoft said it detected the activity this week and said that its services automatically block many of the attacks, adding that there’s “no reason to believe these attacks involve any exploit against or vulnerability in Microsoft’s products or services.”

Microsoft began tracking the so-called spear-phishing campaign — where an attacker uses social engineering and deception, often via email, to target specific individuals — in February, but the situation escalated in April, the company said, before the USAID emails were sent May 25.

The incident remains active, according to Microsoft, and the company will add more details when they become available.

“Microsoft security researchers assess that the Nobelium’s spear-phishing operations are recurring and have increased in frequency and scope,” the company said in a separate post. “It is anticipated that additional activity may be carried out by the group using an evolving set of tactics.”

The Nobelium group is believed to have been responsible for the SolarWinds attacks that have affected at least nine federal agencies and many more organizations within the contracting base and wider industry. In this latest breach, however, Microsoft says that the group took an approach that “differs significantly” from the SolarWinds campaign, which targeted the firm’s Orion software to access victims’ networks.

News of the ongoing campaign comes as President Joe Biden is set to take a meeting with Russian President Vladimir Putin in Geneva next month as the U.S. looks “to restore predictability and stability to the U.S.-Russia relationship.”

In a statement to FedScoop, USAID acting spokesperson Pooja Jhunjhunwala, said: “The U.S. Agency for International Development (USAID) became aware of potentially malicious email activity from a compromised Constant Contact email marketing account.

“The forensic investigation into this security incident is ongoing. USAID has notified and is working with all appropriate Federal authorities, including the U.S. Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA).”

A spokesperson for Constant Contact said: “We are aware that the account credentials of one of our customers were compromised and used by a malicious actor to access the customer’s Constant Contact accounts.

“This is an isolated incident, and we have temporarily disabled the impacted accounts while we work in cooperation with our customer, who is working with law enforcement.”

The post USAID hit with cyberattack by Russian-backed group Nobelium: Microsoft appeared first on FedScoop.

He takes up the role of assistant director at the unit, after previously working as chief enterprise architect at the Small Business Administration (SBA). Hunt reports directly to the agency’s CIO, David Bottom.

Prior to working at the SBA, he was cloud policy lead at the Office of Management and Budget, and before that was a digital services expert at the Department of Veterans Affairs.

Earlier in his career, Hunt held frontline development roles at nonprofit organizations including the Sunlight Foundation and the OpenGov Foundation. Before this, he worked in the private sector, including as a developer at WillowTree Apps and Boyd Caton and Grant Transportation Group.

During the COVID-19 pandemic, the SBA was tasked by Congress with distributing about $350 billion in small business loans and grants. The agency spends a little more than $100 million on IT annually.

The SEC’s Cloud Center of Excellence was established with a view to accelerating the implementation of new systems at the agency and to promoting experimentation. In 2019 the Office of Inspector General identified failings of the SEC’s adoption of cloud computing services, including that it had not effectively implemented strategy or tracked related goals.

The SEC did not respond to a request for comment on Hunt’s appointment.

The post Bill Hunt joins SEC’s Cloud Center of Excellence appeared first on FedScoop.

In its study published Thursday, the agency said that according to industry sources, rates have surged. It also cited a recent insurance broker survey, which found that premiums for more than half of clients rose by 20% to 30% in late 2020.

“After holding relatively steady in 2017 and 2018, cyber insurance premiums increased markedly in 2020,” the agency said in its report. “Higher prices for cyber insurance have coincided with increased demand for the product and higher insurer losses from increasingly frequent and severe cyberattacks (particularly ransomware attacks that block users from accessing systems or data until a ransom is paid).”

GAO has studied the private cyber insurance market in response to new requirements included in the National Defense Authorization Act for the fiscal year 2021.

Most publicly listed companies purchase standalone cyber coverage as part of their risk management operations, as do some public sector entities such as state governments and agencies.

The report found also that insurers are offering lower coverage limits, and noted that insurance companies have limited historical data on most losses.

Insurance companies are offering lower coverage limits and increasingly encouraging clients to purchase specific, standalone cyber policies. Previously, many insurers have offered cyber coverage as an optional add-on to other types of policies, such as property insurance.

This has created aggregation risk for the insurance market, which is known as “silent cyber.”

According to GAO, the language used in cyber policies also often lacks common definitions.

Cyber insurance companies’ appetite for writing policies for public sector entities has declined substantially in recent months, following a slew of high-profile attacks, including attacks against Texas’ Department of Transportation and state court system.

The post Government Accountability Office highlights rising cost of cyber insurance appeared first on FedScoop.

In the missive, which was sent on Thursday, 10 senior politicians called on Secretary of Defense Lloyd Austin to address the data pile-up. Signatories of the letter included Rep. Carolyn Maloney, chairwoman of the Committee on Oversight and Reform, D-N.Y., and Rep. Glenn Grothman, R-Wisc., who is a ranking member on the committee’s National Security Subcommittee.

Veterans across the U.S. require access to the records in order to receive service-related benefits such as medical treatment, unemployment assistance, home loans and emergency services for unhoused veterans.

Since implementing workplace restrictions at the start of the coronavirus crisis last year, the National Archives and Records Administration (NARA) has been unable to process thousands of requests for veterans’ records.

The call for assistance comes after NARA earlier this month requested help for pandemic recovery operations at its personnel records center. At the time, the agency’s Chief Operating Officer William Bosanko asked the DOD to support the off-site sorting and batching of military personnel folders to speed the retrieval of records.

“Veterans and their families depend on timely access to personnel records in order to receive life-saving medical care, emergency housing assistance, proper military burials, and other vital benefits earned through service to our country.

“We urge DOD to support the NPRC’s work and to ensure that we uphold our solemn pledge to care for our nation’s veterans,” the lawmakers said in the letter. “We respectfully ask DOD to prioritize and fulfill NARA’s request.”

According to NARA, as of May 10 the agency had a backlog of 500,000 delayed requests for veterans’ records.

The post Lawmakers urge Department of Defense to help address backlog of veterans’ records appeared first on FedScoop.

Under terms of the task order, Booz Allen will provide support for the VA’s benefits integration initiative, which is focused on reusing and expanding technologies used with the veteran benefits management system.

The contract award is the latest stage in a long-running attempt by the VA to modernize its benefits system, after lawmakers in 2017 passed legislation codifying systems improvement. The legislation requires an update to the way veterans can receive tuition and other benefits for higher education.

In March this year, VA announced it would build a new “Digital GI Bill” platform to increase communication between veterans, schools and the government. It awarded the contract to start building it to Accenture Federal Services.

The latest initiative is intended to increase the efficiency of technology systems within the Veterans Benefits Administration and the National Cemetery Administration.

VA issued the task order as part of its transformation twenty-one total technology contract (T4NG), which is used to procure IT services.

The task order comes after Booz Allen earlier this month announced that it would acquire federal IT consultancy firm Liberty, for $725 million.

The post Department of Veterans Affairs picks Booz Allen for $1.1B benefits processing contract appeared first on FedScoop.

Speaking Tuesday, Robert Westbrooks said the Pandemic Response Accountability Committee (PRAC) is working quickly to triage and process first the most significant datasets.

“We’re going dataset by dataset by dataset, acquiring them and ingesting them into our system, and trying to make sense of it and put them in context with other datasets.

“The biggest challenge is the volume, quite frankly. You have to prioritize, you can’t do it all immediately, so have to pick and choose: What are your priorities today, to have the biggest impact on the criminal side, and also more importantly for all of us taxpayers, on the fraud prevention side,” Westbrooks said at Informatica’s Data in Action Summit hosted by FedScoop.

Westbrooks is the executive director of PRAC, which is an independent oversight committee within the Council of the Inspectors General on Integrity and Efficiency.

PRAC is also working on cataloging lessons learned across all data-centric inspectors general fraud prevention work so that federal agencies are able to respond more effectively to future pandemics.

PRAC was created in the Coronavirus Aid, Relief and Economic Security (CARES) Act of 2020. It is tasked with overseeing funds distributed through the CARES Act and all follow-on pandemic relief legislation, which now totals over $5 trillion.

The post Oversight leader says volume of datasets ‘biggest challenge’ in COVID-19 fraud prevention appeared first on FedScoop.

Gina Ortiz Jones, Hurd’s competitor for his seat serving the 23rd District of Texas, issued a concession statement Monday almost two weeks since the midterm congressional election.

Hurd won the race by the slim margin of fewer than 1,200 votes, about 0.5 percent of all those cast. It seemed that Ortiz Jones would call for a recount, which she would have had to fund if she lost. However, after canvassing the district in recent days, she concluded: “we came up short this time.”

“I wish Will Hurd the courage to fight for TX-23 in the way in which our district deserves,” she said in a statement Monday.

Hurd originally claimed victory on Twitter and at his watch party on election night Nov. 6, despite having just a 689 vote lead at the time.

While he holds on to his seat, Hurd’s third term in the House will have a different dynamic from the first two, during which he has served as chairman of the House Oversight and Government Reform Subcommittee on IT. With Democrats taking the House majority in 2019, Hurd will not retain that gavel, and it’s unclear who the Democrats might install as chairman and whether Hurd will serve as the ranking Republican.

Hurd’s tenure on the subcommittee has been productive. He sponsored legislation like the Modernizing Government Technology Act and oversaw agencies’ implementation of the Federal IT Acquisition Reform Act. Those general trends shouldn’t change regardless of what role he takes in January when the 116th Congress kicks off.

“I’m proud that my constituents are sending me back to Congress for a historic third term so I can continue my bipartisan work on developing a National AI strategy, strengthening our nation’s cyber defenses, improving IT procurement throughout the government and implementing a cyber reserve program to bulk up our talent pipeline of cyber warriors,” Hurd told FedScoop.

The post Rep. Will Hurd survives close midterm race appeared first on FedScoop.

Foster’s last day is Aug. 19, before joining the National Credit Union Administration as deputy CIO, “where he will be responsible for delivery of IT services,” a Navy official told FedScoop in an email.

The Department of the Navy has not selected Foster’s replacement yet, the official said. Kelly Fletcher serves as principal deputy CIO.

Foster, appointed Navy CIO in June 2015, also spent time as deputy CIO at the Department of Health and Human Services, and the U.S. Immigration and Customs Enforcement after retiring from active duty in the Navy in 2007.

Foster received a FedScoop 50 award in 2015.

Federal News Radio first reported Foster’s departure.

The post CIO Rob Foster departing Navy appeared first on FedScoop.