D.C.'s top IT security official charged with bribery
Reports: former boss Vivek Kundra to take leave from new job as federal CIO until more details are known about FBI investigation
Computerworld - WASHINGTON — Federal law enforcement officials filed bribery charges today against the District of Columbia's acting chief security officer, along with a one-time D.C. government employee who owns an IT outsourcing company that runs offshore operations in India. Both were later arraigned in federal court.
What is drawing extra attention to this case is its connection to Vivek Kundra, the former chief technology officer for D.C. who last week was appointed by President Barack Obama to be the federal government's first official CIO.
There is nothing in the court documents from today's arraignment to indicate that Kundra had any knowledge of the alleged illegal activity that led to today's arrests. However, NBC News and other media outlets reported late today that Kundra is taking a leave from the federal CIO job until more is known about the FBI's investigation of his former organization.
Arrested this morning was Yusuf Acar, who currently is the District of Columbia's acting chief security officer; police said they found $70,000 in cash in his Washington home. Acar's annual salary is $127,468, according to court documents.
The second suspect arraigned on bribery charges is Sushil Bansal, CEO and founder of Advanced Integrated Technologies Corp. (AITC), a Washington-based outsourcing vendor that has won a number of contracts from the district's IT department. The court documents said that from March 2004 to February of this year, AITC did more than $13 million worth of business with the D.C. government.
Kundra was named CTO in D.C. in 2007. AITC received contracts before and after he was appointed to that job, including the extension of an IT security support deal that involved antivirus deployment and incident response services.
In court, a somber U.S. District Judge John Facciola told Acar that the alleged crimes "speak of bribery" and added that these "are serious federal charges." Acar, 40, said nothing in court other than to state his name.
The U.S. attorney representing the government in the case, Tom Hibarger, told Facciola that Acar posed "a serious risk of flight." According to Hibarger, Acar has relatives in Turkey and had made statements that he was ready to leave the country "and take a large amount of currency with him."
Acar was ordered held without bail. Bansal was released, but ordered not to leave the area.
In an affidavit, the federal government alleged that Acar worked with a vendor to submit a purchase order for one quantity of goods, "and in actuality a lesser quantity [was] ordered and delivered." The scheme was complex and involved adding people to the payroll who didn't exist -- they were called "ghost employees." Payments were allegedly made to those "workers."
Acar is also accused of hiring ghost employees through a vendor and allegedly approving timesheets for them.
In what the government officials described as the "McAfee Software Scheme," Bansal's firm submitted a purchase order for 2,000 units of McAfee Foundstone software, which is used to provide automated scanning and vulnerability assessments, for $104,166. McAfee generated a quote for AITC for the purchase of 500 units of the software at $36,845, but AITC, the provider in this case, charged the D.C. government for 2,000 licenses.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!