Cisco Systems is set to pay the U.S. government $8.6 million in settlement of claims that the company knowingly sold faulty video surveillance technology.
The Silicon Valley tech company has agreed to pay civil damages to several federal agencies, including the Secret Service, Homeland Security, the Federal Emergency Management Agency, and the U.S. military. The settlement also includes payouts to the District of Columbia and 15 other states.
"We are pleased to have resolved a 2011 dispute involving the architecture of a video security technology product," said Robyn Blum, a spokesperson for Cisco.
"There was no allegation or evidence that any unauthorized access to customers' video occurred as a result of the architecture."
Cybersecurity Issues
The legal complaint began eight years ago after a former Cisco subcontractor revealed that some of the video surveillance equipment bought by the federal government may have included cybersecurity vulnerabilities.
James Glenn, an employee of a Denmark-based Cisco partner, discovered certain flaws in the devices in 2008. He said the issue could be used to gain illegal access to the system, manipulate information, and bypass its security measures.
Glenn said he reported the security issues regarding the equipment, but he was fired from his job five months later. When he found out that Cisco had not fixed the problem and that some of the faulty cameras were still in use at Los Angeles International Airport in 2010, he decided to contact federal authorities about it.
In 2013, Cisco acknowledged the cybersecurity issue with its video surveillance system, stating that the flaw could provide "full administrative privileges" on the devices. The company subsequently released a patch to address the problem.
In a report by CNBC, it was revealed that the flaws made Cisco's products to be non-compliant with requirements set by the National Institute of Standards in Technology.
However, Cisco allegedly claimed that the products were NIST-compliant even at the time when the flaws were not yet fixed. This could leave the company liable under the False Claims Act, according to Glenn's legal counsel.
False Claims Cyber Case
As part of the settlement, Glenn will also receive about $1 million for his role as the whistle-blower for the government.
Glenn's lawyer, Annie Hayes Hartman, said the Cisco settlement marks the first-ever payout involving a false claims cyber case. Legal experts believe this could leave the door open to more cases over false promises allegations in government contracts.
"It's astonishing that there aren't more of these cases being brought," Hartman said.