Advertisement

Cisco will pay $8.6 million to settle claims it sold US flawed surveillance software

The Department of Homeland Security and four branches of the U.S. military had purchased the affected software.
Cisco
(Praytino / Flickr)

Technology giant Cisco has agreed to pay $8.6 million to settle allegations it knowingly sold video surveillance equipment with security vulnerabilities to federal, state and local government agencies, according to court records unsealed Wednesday.

A company whistleblower first informed Cisco in 2008 that a bug in its surveillance software could have enabled hackers to monitor video footage, delete footage and turn on or disable the systems. Government entities including the U.S. Secret Service, the Federal Emergency Management Agency and the New York Police Department had purchased the software, according to the Washington Post, which first reported the news. Cisco’s settlement appears to be the first whistleblower resolution of the False Claims Act, which prohibits defrauding the government, regarding cybersecurity issues.

“The tech industry needs to fulfill its professional responsibility to protect the public from their products and services,” whistleblower James Glenn said in a statement. “There’s this culture that tends to prioritize profit and reputation over doing what’s right. I hope coming forward with my experience causes many others in the tech community to think about their ethical mandate.”

The Department of Homeland Security as well as the Army, Navy, Air Force and Marine Corps also had purchased the affected software, along with a number of prisons. There is no evidence to indicate the bug, which existed for roughly four years, per the Post, had been exploited.

Advertisement

The settlement comes amid mounting concerns in Washington about the security of the technology the government and military rely on. The White House issued an executive order in May prohibiting U.S. companies from using telecommunications equipment manufactured by companies beholden to foreign governments that may engage in economic espionage.

Cisco’s resolution comes after the security vendor Fortinet agreed to pay $545,000 to settle allegations is violated the False Claims Act by intentionally selling the U.S. military equipment that had been produced in China, but made to appear as if it were American-made.

Latest Podcasts