Government contractors regularly handle sensitive federal data, and cybersecurity compliance is no longer optional—it’s mandatory. A recent settlement between the Department of Justice (DOJ) and defense contractor Raytheon Company (Raytheon) highlights the critical importance of strict adherence to federal cybersecurity standards and the severe consequences of falling short. DOD contractors that neglect compliance or inaccurately represent their cybersecurity posture may find themselves facing costly False Claims Act (FCA) litigation.
The Raytheon Settlement: Key Facts and Allegations
On April 4, 2025, the DOJ announced an $8.4 Million settlement resolving allegations that Raytheon and affiliated entities violated the FCA by falsely representing compliance with federal cybersecurity regulations. Specifically, the DOJ alleged that Raytheon failed to implement required cybersecurity safeguards mandated by the Defense Federal Acquisition Regulation Supplement (DFARS) and the Federal Acquisition Regulation (FAR).
Raytheon, along with its parent RTX Corporation and successor Nightwing Group LLC, was accused of knowingly submitting false claims to various Department of Defense (DoD) agencies—including the Defense Threat Reduction Agency, U.S. Cyber Command, and the Army, Navy, and Air Force—for work performed on an internal development network known as “1.0.” According to the DOJ’s allegations, Raytheon’s 1.0 system handled Covered Defense Information (CDI) and Federal Contract...
A man falsely accused of voting fraud in the conspiracy film “2000 Mules” tried to hold its producers responsible Friday, asking a federal judge to rule in his favor. But the moviemakers, includin...