Aerojet Rocketdyne to pay $9 mn to resolve cybersecurity allegations

Rocket engine maker Aerojet Rocketdyne has agreed to pay $9 million to resolve allegations it misrepresented its compliance with cybersecurity requirements in government contracts.
VC funding for techAerojet provides propulsion and power systems for launch vehicles, missiles and satellites and other space vehicles to the Pentagon, NASA and other federal agencies.

The U.S. Justice Department said the settlement resolves a 2015 lawsuit filed by former Aerojet employee Brian Markus under the whistleblower provisions of the False Claims Act.

Markus and Aerojet reached a settlement of the case on the second day of trial in April. He will receive $2.61 million as his share of the settlement. The settlement was approved on July 5 by a U.S. District Court in California, Reuters news report said.

A court filing from Markus said between July 2013 and September 2015, Aerojet received over $2.6 billion in government funds by fraudulently procuring Defense Department and National Aeronautics and Space Administration (NASA) contracts that were essential components of America’s national defense and aerospace programs by falsely representing it complied with cybersecurity regulations.

After a 2013 cyberattack, Aerojet hired Markus as a senior cyber security official but Markus said he did not have the budget or staff Aerojet had promised. He also claimed Aerojet in 2015 concealed from its board that the company was not compliant with cyber security requirements.

Aerojet said in its defense in an April court filing that it made disclosures to government agencies regarding the state of its compliance with these cybersecurity standards in 2014, 2015, and beyond.

Aerojet Rocketdyne did not admit any wrongdoing as part of the settlement.

“Whistleblowers with inside information and technical expertise can provide crucial assistance in identifying knowing cybersecurity failures and misconduct,” said Principal Deputy Assistant Attorney General Brian Boynton.