Cybersecurity: Federal Agencies Need to Implement Recommendations to Manage Supply Chain Risks

What GAO Found

Federal agencies continue to face software supply chain threats. In December 2020, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency issued an emergency directive requiring agencies to take action regarding a threat actor that had been observed leveraging a software supply chain compromise of a widely used enterprise network management software suite—SolarWinds Orion. Subsequently, the National Security Council staff formed a Cyber Unified Coordination Group to coordinate the government response to the cyberattack. The group took a number of steps, including gathering intelligence and developing tools and guidance, to help organizations identify and remove the threat.

During the same month that the SolarWinds compromise was discovered, GAO reported that none of 23 civilian agencies had fully implemented selected foundational practices for managing information and communication technology (ICT) supply chain risks—known as supply chain risk management (SCRM) (see figure).

Twenty-three Civilian Agencies’ Implementation of Information and Communication Technology (ICT) Supply Chain Risk Management (SCRM) Practices

GAO stressed that, as a result of not fully implementing the foundational practices, the agencies were at a greater risk that malicious actors could exploit vulnerabilities in the ICT supply chain, causing disruptions to mission operations, harm to individuals, or theft of intellectual property. Accordingly, GAO recommended that each of the 23 agencies fully implement these foundational practices. In May 2021, GAO received updates from six of the 23 agencies regarding actions taken or planned to address its recommendations. However, none of the agencies had fully implemented the recommendations. Until they do so, agencies will be limited in their ability to effectively address supply chain risks across their organizations.

Why GAO Did This Study

Federal agencies rely extensively on ICT products and services (e.g., computing systems, software, and networks) to carry out their operations. However, agencies face numerous ICT supply chain risks, including threats posed by malicious actors who may exploit vulnerabilities in the supply chain and, thus, compromise the confidentiality, integrity, or availability of an organization’s systems and the information they contain. Recent events involving a software supply chain compromise of SolarWinds Orion, a network management software suite, and the shutdown of a major U.S. fuel pipeline due to a cyberattack highlight the significance of these threats.

GAO was asked to testify on federal agencies’ efforts to manage ICT supply chain risks. Specifically, GAO (1) describes the federal government’s actions in response to the compromise of SolarWinds and (2) summarizes its prior report on the extent to which federal agencies implemented foundational ICT supply chain risk management practices. To do so, GAO reviewed its previously published reports and related information. GAO has ongoing work examining federal agencies’ responses to SolarWinds and plans to issue a report on this in fall 2021.

More from:

Hits: 0

News Network

  • Eight US Manufacturers Selected to Make NASA COVID-19 Ventilator
    In Space
    A host of international [Read More…]
  • Disqualification of Pan-Democratic Lawmakers in Hong Kong
    In Crime Control and Security News
    Michael R. Pompeo, [Read More…]
  • Three Charged with Illegally Exporting Goods to Iran
    In Crime News
    The Justice Department announced today that three individuals have been charged in an indictment with conspiracy to export U.S. goods to Iran in violation of the International Emergency Economic Powers Act (IEEPA) and the Iranian Transactions and Sanctions Regulations (ITSR), as well as conspiracy to smuggle goods from the United States, and conspiracy to engage in international money laundering.
    [Read More…]
  • Houston man sent to prison for possessing over 56,000 images of child pornography
    In Justice News
    A 41-year-old [Read More…]
  • Information Technology: Key Attributes of Essential Federal Mission-Critical Acquisitions
    In U.S GAO News
    Federal agencies are undertaking information technology (IT) acquisitions that are essential to their missions. GAO identified 16 of these acquisitions as particularly critical to missions ranging from national security, to public health, to the economy (see table). GAO has previously reported on these acquisitions and the programs they support, and has made numerous recommendations to agencies for improvement. The amount agencies expect to spend on the selected acquisitions vary greatly depending on their scope and complexity, as well as the extent of transformation and modernization that agencies envision once the acquisitions are fully deployed. For example, the Department of Defense plans to spend $10.21 billion over 21 years on its health care modernization initiative, while the Department of Homeland Security intends to spend $3.19 billion over 30 years on its system supporting immigration benefits processing. Agencies reported potential cost savings associated with 13 of the 16 mission-critical acquisitions after deployment due to factors such as shutting down legacy systems, eliminating physical paper processing, and improving security, monitoring, and management. Eleven of the 16 selected acquisitions were rebaselined during their development, meaning that the project's cost, schedule, or performance goals were modified to reflect new circumstances. Agencies reported a number of reasons as to why their acquisitions were rebaselined, including delays in defining the cost, schedule, and scope; budget cuts and hiring freezes; technical challenges; and changes in development approach. As shown below, ten of the acquisitions relate to an additional programmatic area that GAO has designated high risk. Federal Agency Mission-Critical Information Technology Acquisitions Department of Agriculture Modernize and Innovate the Delivery of Agricultural Systems Department of Commerce 2020 Decennial Census* Department of Defense Defense Healthcare Management System Modernization* Global Combat Support System-Army* Department of Homeland Security Student and Exchange Visitor Information System Modernization* U.S. Citizenship and Immigration Services Transformation* Department of the Interior Automated Fluid Minerals Support System II* Department of Justice Next Generation Identification System Terrorist Screening System Department of State Consular System Modernization Department of Transportation Automatic Dependent Surveillance-Broadcast Department of the Treasury Customer Account Data Engine 2* Integrated Enterprise Portal* Department of Veterans Affairs Electronic Health Record Modernization* Small Business Administration Application Standard Investment Social Security Administration Disability Case Processing System 2* Legend: *= Acquisition relates to a programmatic area that GAO has previously designated as being high risk. Source: GAO analysis of agency data. | GAO-20-249SP The acquisition of IT systems has presented challenges to federal agencies. Accordingly, in 2015 GAO identified the management of IT acquisitions and operations as a high-risk area, a designation it retains today. GAO was asked to report on federal IT acquisitions. GAO's specific objective was to identify essential mission-critical IT acquisitions across the federal government and determine their key attributes. To identify acquisitions for the review, GAO administered a questionnaire to the 24 agencies covered by the Chief Financial Officers Act of 1990 asking them to identify their five most important mission-critical IT acquisitions. From a total of 101 acquisitions that were identified, GAO selected 16 mission-critical IT acquisitions to profile in this report. The selection was based on various factors, including the acquisition's criticality to providing service to the nation, its total life cycle costs, and its applicability to the President's Management Agenda. For each of the 16 selected acquisitions, GAO obtained and analyzed documents on cost, schedule, risks, governance, and related information; and interviewed cognizant agency officials. GAO requested comments from the 12 agencies with acquisitions profiled in its draft report and the Office of Management and Budget. In response, one agency (the Social Security Administration) provided comments that discussed the planned use of its system. For more information, contact Carol C. Harris at (202) 512-4456 or harriscc@gao.gov.
    [Read More…]
  • From NASA JPL’s Mailroom to Mars and Beyond
    In Space
    Bill Allen has thrived [Read More…]
  • Founder and CEO of Iranian Financial Services Firm Sentenced to Prison for Conspiring to Violate U.S. Sanctions
    In Crime News
    Assistant Attorney General for National Security John C. Demers and U.S. Attorney Erica H. MacDonald today announced the sentencing of Seyed Sajjad Shahidian, 33, to 23 months in prison for his role in conducting financial transactions in violation of U.S. sanctions against Iran. Shahidian, who pleaded guilty on June 18, 2018, was sentenced today before Judge Patrick J. Schiltz in U.S. District Court in Minneapolis, Minnesota. Shahidian, a citizen of Iran, was arrested in London, England on Nov. 11, 2018, and, on May 15, 2020, was extradited to the United States.
    [Read More…]
  • On the 41st Anniversary of the U.S. Embassy Takeover in Tehran
    In Crime Control and Security News
    Michael R. Pompeo, [Read More…]
  • Air Deliveries Bring NASA’s Perseverance Mars Rover Closer to Launch
    In Space
    A NASA Wallops Flight [Read More…]
  • Canadian National Charged with Alien Smuggling Conspiracy and Attempting to Bring Aliens to the United States
    In Crime News
    Cooperation efforts between United States and Turks and Caicos Islands law enforcement authorities culminated in today’s extradition to the United States of a Canadian national who has been charged with alien smuggling offenses.
    [Read More…]
  • Judicial Conference Approves Measures to Increase Security for Federal Judges
    In U.S Courts
    A series of recommendations to upgrade and expand security for federal judges and increase Congressional funding to support the security program have been approved by the federal Judiciary’s national policy-making body.
    [Read More…]
  • Agricultural Developer Agrees to Pay Clean Water Act Fines, Mitigate Impacts to Sensitive Streams and Wetlands
    In Crime News
    A California agricultural developer has agreed to pay a civil penalty, preserve streams and wetlands, effect mitigation, and be subject to a prohibitory injunction to resolve alleged violations of the Clean Water Act (CWA) on property near the Sacramento River located in Tehama County, California, the Justice Department announced today.
    [Read More…]
  • Assistant Secretary for East Asian and Pacific Affairs David R. Stilwell on the Secretary’s Travel to Japan, Mongolia, and the Republic of Korea
    In Crime Control and Security News
    David R. Stilwell, [Read More…]
  • Announcement of Visa Restrictions on Those Undermining the Peaceful Resolution of the Crisis in the Anglophone Regions of Cameroon
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Electricity Grid Resilience: Climate Change Is Expected to Have Far-reaching Effects and DOE and FERC Should Take Actions
    In U.S GAO News
    What GAO Found Climate change is expected to have far-reaching effects on the electricity grid that could cost billions and could affect every aspect of the grid from generation, transmission, and distribution to demand for electricity, according to several reports GAO reviewed. The type and extent of these effects on the grid will vary by geographic location and other factors. For example, reports GAO reviewed stated that more frequent droughts and changing rainfall patterns may adversely affect hydroelectricity generation in Alaska and the Northwest and Southwest regions of the United States. Further, transmission capacity may be reduced or distribution lines damaged during increasing wildfire activity in some regions due to warmer temperatures and drier conditions. Moreover, climate change effects on the grid could cost utilities and customers billions, including the costs of power outages and infrastructure damage. Examples of Climate Change Effects on the Electricity Grid Since 2014, the Department of Energy (DOE) and the Federal Energy Regulatory Commission (FERC) have taken actions to enhance the resilience of the grid. For example, in 2015, DOE established a partnership with 18 utilities to plan for climate change. In 2018, FERC collected information from grid operators on grid resilience and their risks to hazards such as extreme weather. Nevertheless, opportunities exist for DOE and FERC to take additional actions to enhance grid resilience to climate change. For example, DOE identified climate change as a risk to energy infrastructure, including the grid, but it does not have an overall strategy to guide its efforts. GAO's Disaster Resilience Framework states that federal efforts can focus on risk reduction by creating resilience goals and linking those goals to an overarching strategy. Developing and implementing a department-wide strategy that defines goals and measures progress could help prioritize DOE's climate resilience efforts to ensure that resources are targeted effectively. Regarding FERC, it has not taken steps to identify or assess climate change risks to the grid and, therefore, is not well positioned to determine the actions needed to enhance resilience. Risk management involves identifying and assessing risks to understand the likelihood of impacts and their associated consequences. By doing so, FERC could then plan and implement appropriate actions to respond to the risks and achieve its objective of promoting resilience. Why GAO Did This Study According to the U.S. Global Change Research Program, changes in the earth's climate are under way and expected to increase, posing risks to the electricity grid that may affect the nation's economic and national security. Annual costs of weather-related power outages total billions of dollars and may increase with climate change, although resilience investments could help address potential effects, according to the research program. Private companies own most of the electricity grid, but the federal government plays a significant role in promoting grid resilience—the ability to adapt to changing conditions; withstand potentially disruptive events; and, if disrupted, to rapidly recover. DOE, the lead agency for grid resilience efforts, conducts research and provides information and technical assistance to industry. FERC reviews mandatory grid reliability standards. GAO was asked to examine U.S. energy infrastructure resilience. This report describes: (1) potential climate change effects on the electricity grid; and (2) actions DOE and FERC have taken since 2014 to enhance electricity grid resilience to climate change effects, and additional actions these agencies could take. GAO reviewed reports and interviewed agency officials and 55 relevant stakeholders.
    [Read More…]
  • Visa and Plaid Abandon Merger After Antitrust Division’s Suit to Block
    In Crime News
    The Department of Justice announced today that Visa Inc. and Plaid Inc. have abandoned their planned $5.3 billion merger.
    [Read More…]
  • Federal Research: Agencies Need to Enhance Policies to Address Foreign Influence
    In U.S GAO News
    U.S. research may be subject to undue foreign influence in cases where a researcher has a foreign conflict of interest (COI). Federal grant-making agencies can address this threat by implementing COI policies and requiring the disclosure of information that may indicate potential conflicts. GAO reviewed five agencies—which together accounted for almost 90 percent of all federal research and development expenditures at universities in fiscal year 2018—and found that three have agency-wide COI policies, while two do not (see figure). The three agencies with existing policies focus on financial interests but do not specifically address or define non-financial interests, such as multiple professional appointments. In the absence of agency-wide COI policies and definitions on non-financial interests, researchers may not fully understand what they need to report on their grant proposals, leaving agencies with incomplete information to assess the risk of foreign influence. GAO found that, regardless of whether an agency has a conflict of interest policy, all five agencies require researchers to disclose information—such as foreign support for their research—as part of the grant proposal that could be used to determine if certain conflicts exist. Elements of Conflict of Interest (COI) Policies at Agencies with the Most Federal Research Expenditures at Universities Based on a review of university documents, GAO found that all 11 of the universities in its sample have publicly available financial and non-financial COI policies for federally funded research. These policies often align with the financial COI policies or requirements of the grant-making agencies. All five agencies have mechanisms to monitor and enforce their policies and disclosure requirements when there is an alleged failure to disclose required information. All agencies rely on universities to monitor financial COI, and most agencies collect non-financial information such as foreign collaborations, that can help determine if conflicts exist. Agencies have also taken actions in cases where they identified researchers who failed to disclose financial or non-financial information. However, three agencies lack written procedures for handling allegations of failure to disclose required information. Written procedures for addressing alleged failure to disclose required information help agencies manage these allegations and consistently apply enforcement actions. In interviews, stakeholders identified opportunities to improve responses to foreign threats to research, such as harmonizing grant application requirements. Agencies have begun to address such issues. The federal government reportedly expended about $42 billion on science and engineering research at universities in fiscal year 2018. Safeguarding the U.S. research enterprise from threats of foreign influence is of critical importance. Recent reports by GAO and others have noted challenges faced by the research community to combat undue foreign influence, while maintaining an open research environment that fosters collaboration, transparency, and the free exchange of ideas. GAO was asked to review federal agency and university COI policies and disclosure requirements. In this report, GAO examines (1) COI policies and disclosure requirements at selected agencies and universities that address potential foreign threats, (2) mechanisms to monitor and enforce policies and requirements, and (3) the views of selected stakeholders on how to better address foreign threats to federally funded research. GAO reviewed laws, regulations, federal guidance, and agency and university COI policies and requirements. GAO also interviewed agency officials, university officials, and researchers. GAO is making nine recommendations to six agencies, including that grant-making agencies address non-financial conflicts of interest in their COI policies and develop written procedures for addressing cases of failure to disclose required information. Five agencies agreed with GAO's recommendations. The National Science Foundation neither agreed nor disagreed with GAO's recommendation, but identified actions it plans to take in response. For more information, contact Candice N. Wright at (202) 512-6888 or wrightc@gao.gov.
    [Read More…]
  • Former Louisiana Police Officer Indicted for Assaulting an Arrestee
    In Crime News
    A federal grand jury in Shreveport, Louisiana, returned an indictment charging a former Shreveport police officer with assaulting an arrestee in Caddo Parish. 
    [Read More…]
  • TSA Acquisitions: TSA Needs to Establish Metrics and Evaluate Third Party Testing Outcomes for Screening Technologies
    In U.S GAO News
    In 2013, the Transportation Security Administration (TSA) introduced the concept of third party testing—having an independent testing entity verify that a security screening system meets certain requirements. The concept is that screening system vendors would take this additional step either prior to submitting their technologies to TSA or if their system failed TSA's test and evaluation process. The goal is for third party testing to reduce the time and resources that TSA spends on its own testing. However, since introduced, TSA has directed only three vendors that failed TSA tests to use third party testing, with varying outcomes. In two other cases, TSA supplemented its test capabilities by using third party testers to determine that systems installed at airports were working properly. TSA officials and industry representatives pointed to several reasons for third party testing's limited use since 2013, such as the cost to industry to use third party testers and TSA's reluctance to date to accept third party test data as an alternative to its own. Despite this, TSA officials told GAO they hope to use third party testing more in the future. For example, in recent announcements to evaluate and qualify new screening systems, TSA stated that it will require a system that fails TSA testing to go to a third party tester to address the identified issues (see figure). Example of Use of Third Party Testing When a System Experiences a Failure in TSA's Testing TSA set a goal in 2013 to increase screening technology testing efficiency. In addition, TSA reported to Congress in January 2020 that third party testing is a part of its efforts to increase supplier diversity and innovation. However, TSA has not established metrics to determine third party testing's contribution toward the goal of increasing efficiency. Further, GAO found no link between third party testing and supplier diversity and innovation. Some TSA officials and industry representatives also questioned third party testing's relevance to these efforts. Without metrics to measure and assess the extent to which third party testing increases testing efficiency, TSA will be unable to determine the value of this concept. Similarly, without assessing whether third party testing contributes to supplier diversity and innovation, TSA cannot know if third party testing activities are contributing to these goals as planned. TSA relies on technologies like imaging systems and explosives detection systems to screen passengers and baggage to prevent prohibited items from getting on board commercial aircraft. As part of its process of acquiring these systems and deploying them to airports, TSA tests the systems to ensure they meet requirements. The 2018 TSA Modernization Act contained a provision for GAO to review the third party testing program. GAO assessed the extent to which TSA (1) used third party testing, and (2) articulated its goals and developed metrics to measure the effects of third party testing. GAO reviewed TSA's strategic plans, acquisition guidance, program documentation, and testing policies. GAO interviewed officials from TSA's Test and Evaluation Division and acquisition programs, as well as representatives of vendors producing security screening systems and companies providing third party testing services. GAO is recommending that TSA develop metrics to measure the effects of third party testing on efficiency, assess its effects on efficiency, and assess whether third party testing contributes to supplier diversity and innovation. DHS concurred with GAO's three recommendations and has actions planned to address them. For more information, contact Marie A. Mak at (202) 512-4841 or MakM@gao.gov.
    [Read More…]
  • Panama Travel Advisory
    In Travel
    Do not travel to Panama [Read More…]
  • Deputy Attorney General Jeffrey A. Rosen Delivers Remarks at Announcement of Results of Operation Disruptor
    In Crime News
    Good morning. I am pleased to be joined today by FBI Director Christopher Wray, DEA Acting Administrator Timothy Shea, ICE Acting Deputy Director Derek Benner, and Chief Postal Inspector Gary Barksdale.
    [Read More…]
  • Monaco National Day
    In Crime Control and Security News
    Michael R. Pompeo, [Read More…]
  • Inaugural U.S.-Lebanon Defense Resourcing Conference
    In Crime Control and Security News
    Office of the [Read More…]
  • Ambassador at Large for International Religious Freedom Samuel D. Brownback On the 2020 Ministerial to Advance Freedom of Religion or Belief and the International Religious Freedom or Belief Alliance Ministers’ Forum
    In Crime Control and Security News
    Samuel D. Brownback, [Read More…]
  • Statement from Attorney General William P. Barr on the Resignation of Seattle Police Chief Carmen Best
    In Crime News
    Attorney General William P. Barr issued the following statement in response to the resignation of Seattle Police Chief Carmen Best:
    [Read More…]
  • The United States Impedes Hizballah Financing by Sanctioning Seven Individuals
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Justice Department Concludes Its Investigation of D.C.-Area Private High Schools’ Decision to Stop Offering Advanced Placement Courses
    In Crime News
    The Department of Justice announced today that it has completed its investigation into whether Georgetown Day School, Holton-Arms School, Landon School, Maret School, National Cathedral School, The Potomac School, St. Albans School, and Sidwell Friends School (jointly, “the Schools”) collectively agreed to stop offering Advanced Placement (AP) courses by 2022 in violation of the Sherman Act.  The Schools announced in June 2018 that they would eliminate AP courses from their curricula by 2022. 
    [Read More…]
  • GAO Audits Involving DOD: Status of Efforts to Schedule and Hold Timely Entrance Conferences
    In U.S GAO News
    GAO began 42 new audits that involved the Department of Defense (DOD) in the third quarter of fiscal year 2020. Of the 42 requested entrance conferences (i.e., initial meetings between agency officials and GAO staff) for those audits, DOD scheduled 41 within 14 days of notification and held all 42 entrance conferences within 30 days of notification. Scheduling was delayed for one entrance conference, which was scheduled 21 days after notification, because DOD and GAO were working to reach agreement on the primary action officer, which is the appropriate office or component within the department that coordinates DOD's response to the audit. The entrance conference was held 8 days after it was scheduled. Entrance conferences allow GAO to communicate its audit objectives and enable agencies to assign key personnel to support the audit work. GAO's agency protocols govern GAO's relationships with audited agencies. These protocols assist GAO in scheduling entrance conferences with key agency officials within 14 days of receiving notice of a new audit. The ability of the Congress to conduct effective oversight of federal agencies is enhanced through the timely completion of GAO audits. In past years, DOD experienced difficulty meeting the protocol target for the timely facilitation of entrance conferences. In Senate Report 116-48 accompanying a bill for the National Defense Authorization Act for Fiscal Year 2020, the Senate Armed Services Committee included a provision for GAO to review DOD's scheduling and holding of entrance conferences. In this report, GAO's agency protocols govern GAO's relationships with audited agencies. These protocols assist GAO in scheduling entrance conferences with key agency officials within 14 days of receiving notice of a new audit. The ability of the Congress to conduct effective oversight of federal agencies is enhanced through the timely completion of GAO audits. In past years, DOD experienced difficulty meeting the protocol target for the timely facilitation of entrance conferences. In Senate Report 116-48 accompanying a bill for the National Defense Authorization Act for Fiscal Year 2020, the Senate Armed Services Committee included a provision for GAO to review DOD's scheduling and holding of entrance conferences. In this report, GAO evaluates the extent to which DOD scheduled entrance conferences within 14 days of receiving notice of a new audit, consistent with GAO's agency protocols, and held those conferences within 30 days. This is the third of four quarterly reports that GAO will produce on this topic for fiscal year 2020. In the first two quarterly reports, GAO found that DOD had improved its ability to meet the protocol target. GAO analyzed data on GAO audits involving DOD and initiated in the third quarter of fiscal year 2020 (April 1, 2020, through June 30, 2020). Specifically, GAO identified the number of notification letters requesting entrance conferences that were sent to DOD during that time period. GAO determined the number of days between when DOD received the notification letter for each new audit and when DOD scheduled the entrance conference and assessed whether DOD scheduled entrance conferences within 14 days of notification, which is the time frame identified in GAO's agency protocols. GAO also determined the date that each requested entrance conference was held by collecting this information from the relevant GAO team for each audit and assessed whether DOD held entrance conferences for new audits within 30 days of notification, which was the time frame identified in the mandate for this review For more information, contact Elizabeth Field at (202) 512-2775 or Fielde1@gao.gov.
    [Read More…]
  • Execution Scheduled for Federal Death Row Inmate Convicted of Murdering a Child
    In Crime News
    Attorney General William [Read More…]
  • Brooklyn Man Pleads Guilty in Manhattan Federal Court to Attempting to Provide Material Support to ISIS
    In Crime News
    The Department of Justice announced that Zachary Clark, a/k/a “Umar Kabir,” a/k/a “Umar Shishani,” a/k/a “Abu Talha,” pleaded guilty to attempting to provide material support to the Islamic State of Iraq and al-Sham (ISIS). Clark pled guilty today in Manhattan federal court before U.S. District Judge Naomi Reice Buchwald. Judge Buchwald is scheduled to sentence Clark on Feb. 9, 2021, at 12:00 p.m.
    [Read More…]
  • The United States Condemns Attack on Saudi Arabia
    In Crime Control and Security News
    Ned Price, Department [Read More…]
  • Florida and Tennessee Pain Clinic Owner Extradited from Italy to the United States to Face RICO Charges
    In Crime News
    A dual U.S.-Italian national was extradited from Italy to the United States on Nov. 20. The U.S. Marshals Service effectuated the transportation of the defendant from Lamezia Terme, Calabria to Knoxville, Tennessee.
    [Read More…]
  • Five Individuals Charged for Roles in $65 Million Nationwide Conspiracy to Defraud Federal Health Care Programs
    In Crime News
    The owners of four orthotic brace suppliers and several marketing companies were charged in a complaint unsealed yesterday for allegedly orchestrating a nationwide kickback and bribery scheme to order medically unnecessary orthotic braces for Medicare beneficiaries.
    [Read More…]
  • Man Pleads Guilty to Attempting to Provide Material Support to Foreign Terrorist Organizations
    In Crime News
    A New York man pleaded guilty to attempting to provide material support and resources to the Islamic State of Iraq and al-Sham (ISIS) and the al-Nusrah Front, both designated by the U.S. Secretary of State as foreign terrorist organizations.
    [Read More…]
  • Warsaw Process Humanitarian Issues and Refugees Working Group Convenes in Brasilia
    In Human Health, Resources and Services
    Office of the [Read More…]
  • Defense Health Care: Implementation of Value-Based Initiatives in TRICARE
    In U.S GAO News
    The Defense Health Agency (DHA)—the agency within the Department of Defense (DOD) that administers DOD's health care program, TRICARE—has identified a number of value-based initiatives for potential implementation with civilian providers and hospitals under the TRICARE program. These initiatives aim to help DHA build a value-based health care delivery system, in which providers are rewarded for value of services provided instead of volume of services provided. For these initiatives, value is generally measured in terms of improved health outcomes, enhanced experience of care for the patient, and reduced health care costs over time. GAO found that DHA has identified 20 value-based initiatives, including a program that makes incentive payments for hospitals that meet certain quality metrics for maternity services and a program that promotes adherence to medication regimens by waiving co-payments, among others. According to DHA officials, the 20 initiatives include five that have been implemented (two complete, three underway); three that will be implemented in the future—two with anticipated 2020 start dates are currently on hold due to the department's need to focus on the response to the Coronavirus Disease (COVID-19) pandemic and one that is expected to be implemented in January 2021; eight that are still under review, but no decisions have been made about whether and when they might be implemented; and four that were considered but will not be implemented. In fiscal year 2019, DOD offered health care services to approximately 9.6 million eligible beneficiaries worldwide through TRICARE, its regionally structured health care program. Beneficiaries may obtain health care services through DOD's direct care system of military hospitals and clinics or from its purchased care system of civilian providers. DOD contracts with private sector companies—referred to as managed care support contractors—to develop and maintain networks of civilian providers and perform other customer service functions for its purchased care system. The National Defense Authorization Act for Fiscal Year 2017 (NDAA 2017) required DOD to develop and implement value-based incentive initiatives in its TRICARE contracts. The NDAA 2017 also included a provision that required GAO to review these initiatives. This correspondence describes the initiatives DHA has developed and the status of each, as of June 2020. To do this work, GAO interviewed knowledgeable DHA officials and analyzed available documentation on each initiative, including decision papers, congressional reports, and Federal Register notices. For more information, contact Debra A. Draper at (202) 512-7114 or draperd@gao.gov.
    [Read More…]
  • Oil and Gas: Onshore Competitive and Noncompetitive Lease Revenues
    In U.S GAO News
    Pursuant to federal law, the Department of the Interior's (Interior) Bureau of Land Management (BLM) offers leases competitively through auction or noncompetitively for a fee if an adequate bid is not received. Competitive leases for oil and gas development on federal lands produced greater revenues, on average, than noncompetitive leases for fiscal years 2003 through 2019, according to GAO's analysis of revenues reported by Interior's Office of Natural Resources Revenue (ONRR) and leases from BLM. For this period, about 72,800 competitive leases produced about $14.3 billion in revenues—while total of 100,300 leases produced $16.1 billion. Average revenues from competitive leases over this time period were nearly 3 times greater than revenues from noncompetitive leases; about $196,000 and $66,000, respectively. Based on GAO's analysis of leases that started in fiscal years 2003 through 2009, competitive leases produced oil and gas more often than noncompetitive leases during the leases' 10-year primary term. Further, competitive leases with high bonus bids (bids above $100 per acre) were more likely to produce oil and gas in their 10-year primary terms than both competitive leases with lower bonus bids and noncompetitive leases. Specifically, about 26 percent of competitive leases that sold with bonus bids above $100 per acre produced oil and gas and generated royalties in their primary term compared with about 2 percent for competitive leases that sold at the minimum bid of $2 per acre and about 1 percent for noncompetitive leases. GAO's analysis showed that competitive leases with high bonus bids generated over 3 times the amount of cumulative, or total, royalties by the end of their primary term than all other competitive and noncompetitive leases combined (see fig.). Cumulative Royalties from Competitive Leases, by Bonus Bid, and Noncompetitive Leases That Started in Fiscal Years 2003 through 2009 According to BLM, federal onshore oil and gas leases generate about $3 billion annually in federal revenues, including royalties, one-time bonus bid payments, and rents. The Federal Onshore Oil and Gas Leasing Reform Act of 1987 requires that public lands available for oil and gas leasing first be offered under a competitive bidding process. BLM offers leases with 10-year primary terms competitively through auction or, if the tract of land does not receive an adequate bid, noncompetitively for a fee. The minimum bid is $2 per acre, and bids at or above the minimum are called bonus bids. ONRR is to collect revenues from oil and gas leases in accordance with the specific terms and conditions outlined in the leases, including revenues from rents and royalties. Lessees are to pay rent annually until production begins on the leased land and then pay royalties as a percentage of oil and gas production. Lease terms may be extended beyond the primary term if, for example, the lease is producing oil or gas. GAO was asked to review oil and gas leasing on federal lands. This report describes oil and gas revenues from competitive and noncompetitive leases for fiscal years 2003 through 2019. GAO analyzed federal lease and revenue data and interviewed Interior officials and four experts knowledgeable about federal oil and gas leasing. To consistently compare leases over their lifecycle, GAO analyzed revenues that occurred within the leases' primary term (first 10 years) for leases that started in fiscal years 2003 through 2009. For more information, contact Frank Rusco at (202) 512-3841 or RuscoF@gao.gov.
    [Read More…]
  • Navy Readiness: Actions Needed to Evaluate and Improve Surface Warfare Officer Career Path
    In U.S GAO News
    What GAO Found U.S. Navy Surface Warfare Officers (SWOs) separate from the SWO community earlier and at higher rates compared with officers in similar U.S. Navy communities, and female SWOs separate at higher rates than male SWOs. Retention Rates for U.S. Navy Officers and Surface Warfare Officers by Gender Note: GAO compared the U.S. Navy Surface Warfare Officer community separation rates with those of the other unrestricted line officer communities in the U.S. Navy: Naval Aviation, Submarine, and Explosive Ordinance Disposal and Special Warfare. GAO found that after 10 years of service, around the first major career milestone: 33 percent of SWOs remain in their community, compared with 45 percent of officers from similar U.S. Navy officer communities, and 12 percent of female SWOs remain in their community, compared with 39 percent of male SWOs. By using existing information to develop a plan to improve SWO retention, the Navy will be better positioned to retain a diverse and combat-ready community. The career path for U.S. Navy SWOs differs from those in similar positions in selected foreign navies and other U.S. Navy and U.S. maritime communities. Career Path for U.S. Navy Surface Warfare Officers Compared with Others The U.S. Navy made incremental career path changes for SWOs following the 2017 collisions, but has not regularly evaluated or fundamentally changed its SWO career path for over a century. GAO found that by a factor of four to one, SWOs believe specialized career paths would better prepare them for their duties than the current generalist career path. Without periodic evaluations of current approaches, including alternative career paths, and the use of those evaluations, the U.S. Navy may miss an opportunity to develop and retain proficient SWOs. Why GAO Did This Study SWOs are U.S. Navy officers whose primary duties focus on the safe operation of surface ships at sea. In 2017, the Navy had two collisions at sea that resulted in the death of 17 sailors and hundreds of millions of dollars in damage to Navy ships. Following the collisions, the Navy identified deficiencies in the SWO career path and staffing policies, and took action to improve these areas. The John S. McCain National Defense Authorization Act for Fiscal Year 2019 contained a provision that GAO assess issues related to the U.S. Navy SWO career path. Among other things, this report (1) assesses trends in separation rates of SWOs with those of similar U.S. Navy officer communities, and trends in SWO separation rates by gender; (2) describes how the career path of U.S. Navy SWOs compares to those of selected foreign navies and other U.S. Navy and U.S. maritime communities; and (3) assesses the extent to which the U.S. Navy has used or evaluated alternative career paths. GAO analyzed U.S. Navy officer personnel data; selected foreign navies and U.S. maritime officer communities for comparison; and surveyed a generalizable sample of Navy SWOs.
    [Read More…]
  • Medicare Part B: Payments and Use for Selected New, High-Cost Drugs
    In U.S GAO News
    Hospital outpatient departments perform a wide range of procedures, including diagnostic and surgical procedures, which may use drugs that Medicare considers to function as supplies. If the drug is new, and its cost is high relative to Medicare's payment for the procedure, then hospitals can receive a separate “pass-through” payment for the drug in addition to Medicare's payment for the procedure. These pass-through payments are in effect for 2 to 3 years. When the pass-through payments expire, Medicare no longer pays separately for the drug, and payment for the drug is “packaged” with the payment for the related procedure. The payment rate for the procedure does not vary by whether or not the drug is used. Medicare intends this payment rate to be an incentive for hospitals to furnish services efficiently, such as using the most cost-efficient items that meet the patient's needs. Examples of Types of Drugs that Medicare Considers to Function as Supplies GAO's analysis of Medicare data showed that higher payments were associated with six of seven selected drugs when they were eligible for pass-through payments versus when their payments were packaged. For example, one drug used in cataract removal procedures was eligible for pass-through payments in 2017. That year, Medicare paid $1,824 for the procedure and $463 for the drug pass-through payment—a total payment of $2,287. If a hospital performed the same cataract removal procedure when the drug was packaged the following year, there was no longer a separate payment for the drug. Instead, Medicare paid $1,921 for the procedure whether or not the hospital used the drug. Of the seven selected drugs, GAO also reviewed differences in use for four of them that did not have limitations on Medicare coverage during the time frame of GAO's analysis, such as coverage that was limited to certain clinical trials. GAO found that hospitals' use of three of the four drugs was lower when payments for the drugs were packaged. This was consistent with the financial incentives created by the payment system. In particular, given the lower total payment for the drug and procedure when the drug is packaged, hospitals may have a greater incentive to use a lower-cost alternative for the procedure. Hospitals' use of a fourth drug increased regardless of payment status. The financial incentives for that drug appeared minimal because the total payment for it and its related procedure was about the same when it was eligible for pass-through payments and when packaged. Other factors that can affect use of the drugs include the use of the drugs for certain populations and whether hospitals put the drugs on their formularies, which guide, in part, whether the drug is used at that hospital. The Department of Health and Human Services reviewed a draft of this report and provided technical comments, which GAO incorporated as appropriate. Medicare makes “pass-through” payments under Medicare Part B when hospital outpatient departments use certain new, high-cost drugs. These temporary payments are in addition to Medicare's payments for the procedures using the drugs. They may help make the new drugs accessible for beneficiaries and also allow Medicare to collect information on the drugs' use and costs. The Consolidated Appropriations Act, 2018 included a provision for GAO to review the effect of Medicare's policy for packaging high-cost drugs after their pass-through payments have expired. This report describes (1) the payments associated with selected high-cost drugs when eligible for pass-through payments versus when packaged, and (2) hospitals' use of those drugs when eligible for pass-through payments versus when packaged. GAO reviewed federal regulations on pass-through payments and Medicare payment files for all seven drugs whose pass-through payments expired in 2017 or 2018 and that were subsequently packaged. All of these drugs met Medicare's definition for having a high cost relative to Medicare's payment rate for the procedure using the drug. GAO also reviewed Medicare claims data on the use of the drugs for 2017 through 2019 (the most recent available). To supplement this information, GAO also interviewed Medicare officials, as well officials from 11 organizations representing hospitals, physicians, and drug manufacturers, about payment rates, use, reporting, and clinical context for the drugs. For more information, contact James Cosgrove at (202) 512-7114 or cosgrovej@gao.gov.
    [Read More…]
  • Georgia Man Sentenced to 57 Months in Prison for Tax Fraud
    In Crime News
    A federal district court in Cincinnati, Ohio, sentenced an Atlanta, Georgia, man to 57 months in prison today for tax evasion. This sentence included an enhancement for failing to report income from drug trafficking.
    [Read More…]
  • 2021 U.S. ASPIRE Competition
    In Climate - Environment - Conservation
    Bureau of Oceans and [Read More…]
  • Civil Rights Division Opens Investigation into Potential Discrimination in Public Contracting
    In Crime News
    The Department of Justice Civil Rights Division has opened an investigation into whether the public contracting and procurement practices of Kansas City, Missouri comply with the U.S. Constitution and the Civil Rights Act of 1964.
    [Read More…]
  • State Department Terrorist Designation Reviews and Amendments
    In Crime Control and Security News
    Office of the [Read More…]
  • Secretary Antony J. Blinken and Jordanian Foreign Minister Ayman Safadi Before Their Meeting
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Social Media Influencer Charged with Election Interference Stemming from Voter Disinformation Campaign
    In Crime News
    A Florida man was arrested this morning on charges of conspiring with others in advance of the 2016 U.S. Presidential Election to use various social media platforms to disseminate misinformation designed to deprive individuals of their constitutional right to vote.
    [Read More…]
  • Houthi Attacks Impacting Civilians
    In Crime Control and Security News
    Ned Price, Department [Read More…]
  • The Sentencing of Russian Opposition Figure Aleksey Navalny
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Department of Justice Files Complaint Against California Company To Stop Distribution of Adulterated Animal Drugs
    In Crime News
    The United States filed a civil complaint to stop a California company from manufacturing and distributing adulterated animal drugs, the Department of Justice announced today.
    [Read More…]
  • Burmese Military Arrests of Civilian Government Leaders
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • South Africa Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • Secretary Pompeo’s Call with Mongolia’s President Battulga
    In Crime Control and Security News
    Office of the [Read More…]
  • Pennsylvania Attorney Sentenced for Role in $2.7 Million Ponzi Scheme
    In Crime News
    An Allentown, Pennsylvania, attorney was sentenced today to 78 months in prison followed by three years of supervised release for his role in a $2.7 million investment fraud scheme that victimized his law clients.
    [Read More…]
  • Home Health Agency and Former Owner to Pay $5.8 Million to Settle False Claims Act Allegations
    In Crime News
    Doctor’s Choice Home Care, Inc. and its former owners, Timothy Beach and Stuart Christensen, have agreed to pay $5.15 million to resolve allegations that the home health agency provided improper financial inducements to referring physicians through sham medical director agreements and bonuses to physicians’ spouses who were Doctor’s Choice employees, the Department of Justice announced today. 
    [Read More…]
  • Secretary Antony J. Blinken and Ukrainian Prime Minister Denys Shmyhal Before Their Meeting
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Appointment of Ambassador Arnold Chacon to serve as Chargé d’Affaires to Canada
    In Crime Control and Security News
    Office of the [Read More…]
  • Justice Department Reaches Proposed Consent Decree to Resolve Hampton Roads Regional Jail Investigation
    In Crime News
    Today, the Department of Justice’s Civil Rights Division and the U.S. Attorney’s Office for the Eastern District of Virginia filed a complaint and a proposed consent decree with the Hampton Roads Regional Jail Authority.
    [Read More…]
  • Electromagnetic Spectrum Operations: DOD Needs to Take Action to Help Ensure Superiority
    In U.S GAO News
    What GAO Found The electromagnetic spectrum (the spectrum) consists of frequencies worldwide that support many civilian and military uses, from mobile phone networks and radios to navigation and weapons. This invisible battlespace is essential to Department of Defense (DOD) operations in all domains—air, land, sea, space, and cyberspace. The interruption of U.S. forces' access to the spectrum can result in a military disadvantage, preventing U.S. forces from operating as planned and desired. According to the studies by DOD and others that GAO reviewed for its December 2020 report on military operations in the spectrum, adversaries, such as China and Russia, are also aware of the importance of the spectrum and have taken significant steps to improve their own capabilities that challenge DOD and its operations. For example, studies described how China has formed new military units and fielded new unmanned aerial vehicles with spectrum warfare capabilities, and Russian electromagnetic warfare forces have demonstrated their effectiveness through successful real-world applications against U.S. and foreign militaries. These developments are particularly concerning in the context of challenges to DOD's spectrum superiority. GAO's analysis of the studies highlighted DOD management challenges such as dispersed governance, limited full-time senior-level leadership, outdated capabilities, a lengthy acquisition process, increased spectrum competition and congestion, and a gap in experienced staff and realistic training. GAO found that DOD had issued strategies in 2013 and 2017 to address spectrum-related challenges, but did not fully implement either strategy because DOD did not assign senior leaders with appropriate authorities and resources or establish oversight processes for implementation. DOD published a new strategy in October 2020, but GAO found in December 2020 the department risks not achieving the new strategy's goals because it had not taken key actions—such as identifying processes and procedures to integrate spectrum operations across the department, reforming governance structures, and clearly assigning leadership for strategy implementation. Also, it had not developed oversight processes, such as an implementation plan, that would help ensure accountability and implementation of the 2020 strategy goals (see figure). Actions to Ensure DOD Superiority in the Electromagnetic Spectrum Why GAO Did This Study The spectrum is essential for facilitating control in operational environments and affects operations in the air, land, sea, space, and cyberspace domains. Spectrum use is pervasive across warfighting domains and thus maintaining or achieving spectrum superiority against an adversary is critical to battlefield success. This statement summarizes: (1) the importance of the spectrum; (2) challenges to DOD's superiority in the spectrum; and (3) the extent to which DOD has implemented spectrum-related strategies and is positioned to achieve future goals. This statement is based on GAO's December 2020 report (GAO-21-64) and updates conducted in March 2021. For the report, GAO analyzed 43 studies identified through a literature review, reviewed DOD documentation, and interviewed DOD officials and subject matter experts. For the updates, GAO reviewed materials that DOD provided in March 2021.
    [Read More…]
  • Chinese National Pleads Guilty to Illegal Exports to Northwestern Polytechnical University
    In Crime News
    A Chinese national pleaded guilty today in federal court in Boston in connection with illegally procuring and causing the illegal export of $100,000 worth of U.S. origin goods to Northwestern Polytechnical University (NWPU), a Chinese military university that is heavily involved in military research and works closely with the People’s Liberation Army on the advancement of its military capabilities.
    [Read More…]
  • Smoke Tests Protect Courtroom Air From COVID-19
    In U.S Courts
    Even as vaccines begin to protect the public from the coronavirus (COVID-19), one of the Judiciary’s biggest priorities is ensuring that the air inside courtrooms and hallways remains safe as courts schedule more in-person legal proceedings.   A new U.S. Courts video highlights a simple technique used to protect court users: a smoke test, which makes air currents inside buildings visible.
    [Read More…]
  • Kuwait Travel Advisory
    In Travel
    Reconsider travel to [Read More…]