Welcome to the Pondera FraudCast, a weekly blog where we post information on fraud trends, lessons learned from client engagements, and observations from our investigators in the field. We hope you’ll check back often to stay current with our efforts to combat fraud, waste, and abuse in large government programs.
By this time, just about everyone has watched or read a news report about the WannaCry ransomware attack that hit the world’s computer networks on May 12th. Multiple variants of the program will likely attack computers for the foreseeable future, forcing individuals to pay bitcoin ransom or lose their data and causing serious harm to businesses including hospitals and governments.
Plenty has been written about the source of the attack and how it works. So, while every “connected” person should read about WannaCry to help protect themselves against future attacks, I don’t see any need to cover this ground here. For me, though, two interesting facets of the story really stand out.
First, I find it fascinating and somewhat inspiring that the attack was stopped by a 22-year-old vacationing cyber analyst who goes by the name MalwareTech; with assistance from his colleague Kafeine. These two, and countless others, operate in a world that most of us know almost nothing about to keep our systems safe. It reminds me of the classic Jack Nicholson speech from “A Few Good Men” where he excoriates Tom Cruise for challenging him while he protects our safety. Of course, in this example, there is no evidence of MalwareTech or Kafeine “fragging” any of their tech colleagues.
The second interesting point I took form this attack was that most of us could have protected ourselves simply by updating our operating systems and virus protection software. This is a conversation I’ve had innumerable times with my own family. Of course, this also puts software manufacturers in the difficult position of patching years-old operating systems to accommodate those who won’t or can’t upgrade.
Bottom line for me: this is just another reminder to remain vigilant and to be thankful for the computer techs who have dedicated their careers to protecting us from those who have chosen to attack us. I hope you can “handle that truth”.
One of my favorite websites, paymentaccuracy.gov, has received a number of updates which may provide some insight into the current administration’s priorities. If you haven’t done so already, I encourage you to visit the site as it provides improper payment information on the government’s high-priority programs: those that report over $750 million of improper payments in a year or have not established or reported on their error rates.
The current version of the site includes many of the usual suspects including Medicaid ($36.3 billion in errors), Medicare fee-for-service ($41.1 billion), and the Earned Income Tax Credit ($16.8 billion with a whopping 24% error rate). SNAP continues to be listed but still does not provide relative numbers because of inaccurate state reporting—something we have discussed in previous posts.
Other items of note are the inclusion of three Veterans Affairs programs for Disability Compensation, Community Care, and Purchased Long Term Services and Support. While the .59% error rate on the $64 billion Disability Compensation plan appears surprisingly low, the 75.86% error rate for the $4.7 billion Community Care program is likely the result of new reporting requirements… at least I genuinely hope so.
Other high error-rate programs include school nutrition services (both breakfast and lunch), student loan programs, and Unemployment Insurance which ticked up to 11.65% this year.
Regardless of political leanings, I think we can all agree that we want our tax dollars going to those who need them the most. And the transparency provided by paymentaccuracy.gov is a great step toward this goal. My hope is that the government will continue to provide easy access to this information. I am still disappointed each time I visit the expectmore.gov website (which reports on program performance, not just fraud, waste, and abuse) where I see the following message:
“Expect More.gov was an initiative of the George W. Bush administration. This website has been archived and is posted here as an historical resource. It has not been updated since the end of 2008 and links to many external websites and some internal pages will not work.”