Kellen Dwyer

About Kellen Dwyer

Kellen Dwyer is partner and co-leader of Alston & Bird’s National Security & Digital Crimes practice. He previously served in the Justice Department in several cyber and national security roles. As an assistant U.S. attorney in the Eastern District of Virginia, he obtained a computer hacking indictment against Julian Assange and represented the United States at Assange’s extradition hearings in London.

[Read Bio]

Penn State University Hit With False Claims Act Suit for Alleged Cyber Security Deficiencies

September 25, 2023 By Kellen Dwyer and Kai Knight

On September 1, 2023, the U.S. District Court for the Eastern District of Pennsylvania unsealed a qui tam False Claims Act (“FCA”) lawsuit (originally filed on October 5, 2022) alleging Penn State University failed to provide “adequate security” for Covered Defense Information, as contractually required by Defense Federal Acquisition Regulation Supplement (“DFARS”) 252.204-7012. DFARS requires […]

Chinese Hackers Exploit Gap in Cloud Environment Used by U.S. Government

July 20, 2023 By Kellen Dwyer and Kristen Bartolotta

According to recent reports issued by Microsoft and U.S. government agencies, hackers recently exploited a gap in Microsoft’s cloud environment, enabling the malicious actors to access the email accounts of employees at the United States Commerce and State Departments. Including the U.S. government, around 10 organizations were victimized in the U.S. and about 25 were […]

CISA Issues Request for Information Prior to Required CIRCIA Rulemaking

September 13, 2022 By Kim Peretti, Kellen Dwyer and Kristen Bartolotta

On September 12, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) issued a request for information (RFI) seeking input from stakeholders on the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). Signed by President Biden in March, CIRCIA requires CISA to develop and implement regulations requiring covered entities to report information about covered […]

DOJ Issues New Policy on CFAA Prosecutions

May 19, 2022 By Kellen Dwyer and Kim Peretti

Today, the Department of Justice (“DOJ”) updated its policy regarding charging violations under the Computer Fraud and Abuse Act (“CFAA”). This is the first update to the DOJ’s policy since 2014, and it is effective immediately. The policy states that all federal prosecutors who wish to charge cases under the CFAA must follow the new […]

Incomplete Cybersecurity Compliance Disclosures May Support Fraud Claim Under the False Claims Act, Federal Court Holds

February 7, 2022 By Kim Peretti and Kellen Dwyer

At the heels of a recent Civil Cyber-Fraud Initiative related to cybersecurity practices and the False Claims Act (FCA), a cybersecurity-related FCA case has survived a motion for summary judgment, teeing up a trial to determine if the defendants’ cybersecurity compliance disclosures were materially incomplete and if any misstatements were knowingly made. On February 1, […]