Tag Archives: COVID-19

Modern Fraud Threats in Government Relief Programs: How Agencies Can Defend Against Cybercrime

Posted on by
Reply

A recent investigation by CBS News’ “60 Minutes” has highlighted a significant issue: organized crime rings, often operating from overseas, are using stolen identities to steal billions of dollars from the U.S. Federal and State programs. These sophisticated fraud schemes specifically target public assistance initiatives, taking advantage of digital vulnerabilities and overwhelmed systems. The COVID-19 pandemic accelerated the delivery of relief funds, presenting new challenges for security systems still being implemented.

As these cyber-enabled crimes grow in complexity and scale, Public Sector organizations must evolve their defenses. HUMAN Security offers a modern solution that aligns with Public Sector standards and frameworks, like the NIST Cybersecurity Framework, to protect against automated fraud, account takeovers and bot-driven exploitation.

The Expanding Threat Landscape: Government Fraud at Scale

The fraud rings described in the CBS report do not fit the Hollywood stereotype of a lone hacker in a basement. These are industrial-scale operations run by criminal syndicates that:

  • Use stolen or synthetic identities to apply for public benefits such as unemployment insurance, COVID relief, food assistance and housing vouchers.

  • Leverage bots and automated scripts to rapidly test stolen credentials against Government login portals.

  • Host phishing websites and fake document generators to fool verification systems.

  • Exploit the lack of robust digital defenses in legacy Public Sector infrastructure.

At the height of the pandemic, the U.S. prioritized the rapid distribution of trillions in relief funds to support individuals and businesses in crisis. In the urgency to deliver aid quickly, some agencies adjusted standard fraud controls—creating unforeseen opportunities for bad actors. According to the CBS report, an estimated $280 billion was lost to fraud, with an additional $123 billion categorized as wasted or misused.

The tactics employed have now evolved into permanent tools of financial exploitation. Many cybercriminals continue to exploit social welfare and Government programs by leveraging automation and AI. Fraud isn’t slowing down—it’s scaling up.

Why Public Sector Agencies Are Attractive Targets

Government systems present a unique target profile for attackers due to a combination of high-value data, broad user bases and strained IT resources. Here’s why the Public Sector is particularly vulnerable:

1. High Payout Potential

Each successful fraudulent claim can yield thousands of dollars in benefits. Fraudsters often operate in bulk, submitting thousands of applications using stolen identities.

2. Legacy Infrastructure

Many State and Local agencies still operate on outdated software stacks that lack modern bot detection or behavior-based threat analysis.

3. Lack of Real-Time Monitoring

Fraudulent applications often go undetected until after funds are dispersed. Manual review processes are insufficient to handle the volume of claims.

4. Increased Script & API Vulnerabilities

Fraudsters exploit front-end vulnerabilities, such as JavaScript manipulation or misuse of APIs, to simulate real user activity, bypass verification checks and deploy fake documents.

HUMAN Security: A Modern Solution for a Modern Threat

Carahsoft, HUMAN 60 min, blog, embedded image, 2025

HUMAN Security specializes in protecting organizations from automated attacks, fraud and abuse by distinguishing between real users and malicious bots. HUMAN’s solutions are uniquely positioned to help Public Sector agencies address the specific types of fraud exposed by 60 Minutes.

1. Bot and Automation Mitigation

Fraudsters frequently use bots to submit applications at scale, probe systems for weaknesses and conduct credential stuffing attacks. The HUMAN Defense Platform analyzes over 20 trillion digital interactions weekly to identify real-time anomalies.

Through behavioral analysis, device fingerprinting, and machine learning, we can help public sector clients:

  • Detect non-human interaction patterns
  • Prevent fake accounts from being created
  • Block bot-driven denial-of-service or overload attempts

2. Account Takeover & Credential Abuse Defense

Many fraud schemes begin with access to a real person’s Government credentials. We prevent account takeovers by identifying compromised credentials in real time and helping clients stop  unauthorized login attempts.

Our Application Protection Package also integrates into public-facing login portals to block brute-force attempts and detect unusual login behavior.

3. Fake Identity and Synthetic Account Prevention

Fraudsters use fake IDs or generated synthetic identities to bypass identity checks. Our behavior-based analytics distinguish real users from fabricated personas—stopping fake account creation before it starts.

4. Real-Time Threat Intelligence:

By continuously monitoring emerging threats, we equip Public Sector clients with up-to-date information to counteract evolving fraud tactics.

5. Integration with Public Sector Frameworks:

Leading-edge solutions that align with standards like the NIST Cybersecurity Framework, HUMAN facilitates seamless integration into existing Government infrastructures and helps public sector clients with compliance and regulatory requirements.

Real-World Benefits to Government Agencies

By adopting fraud protection solutions, public agencies can:

  • Minimize Fraud Risk: Real-time prevention minimizes the risk of sending funds to bad actors.

  • Protect Citizens: Reduce identity theft and unauthorized access to sensitive citizen data.

  • Build Trust: Demonstrating robust cybersecurity fosters public trust in digital Government systems.

  • Streamline Compliance: Meet modern standards like PCI DSS 4.0 requirements 6.4.3. & 11.6.1 and NIST CSF with confidence.

  • Save Taxpayer Dollars: Every fraudulent dollar blocked is money that can be returned to real beneficiaries or saved for future programs.

A Call to Action for Government Leaders

The fraud revealed in the CBS 60 Minutes report isn’t an isolated event—it’s a warning sign. Digital transformation has accelerated across public agencies, but fraud defenses haven’t always kept pace.

Government leaders must take a proactive stance by:

  • Modernizing fraud detection capabilities

  • Closing visibility gaps across digital infrastructure

  • Adopting behavior-based, real-time defenses like HUMAN Security

  • Aligning security strategy with established frameworks (NIST, PCI DSS)

Fraud is no longer just a compliance risk—it’s a national security issue. As public trust and taxpayer funds hang in the balance, Government agencies must embrace modern, intelligent and automated defense systems to keep fraudsters out.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including HUMAN Security we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

EdTech Talks: Exploring the Impact of Technology on Student Growth and Development

Posted on by
Reply

Schools and universities strive every day to give their students an effective, fulfilling, successful personal growth and academic learning experience. Harnessing technology innovations can pave the way to achieving those goals. During Carahsoft’s annual EdTech Talks Summit, experts in education and the IT industry discussed how existing and emerging solutions such as observability, the ‘secure by design’ approach and analytics can enhance education to personalize experiences, provide developmental insights on learning approaches and achieve maximum support for all students.  

Addressing Post-Pandemic Digital Transformation with Observability 

Following the COVID-19 pandemic, there were many education challenges including a rapid shift to remote learning, the need to adapt quickly to new technologies and evolving cybersecurity threats. Schools and universities play a major role in the nation’s critical infrastructure along with the transportation sector, water and pipeline management, utilities and more making them vulnerable to cyberattacks. Bolstering the strength of cybersecurity infrastructure is a key component of the student experience as schools are responsible for safeguarding student’s educational, health and personal identification records.  

Carahsoft EdTech Talks Summit Blog Series-Part 2 Student Growth and Development Blog Embedded Image 2023One step towards achieving cybersecurity is observability. In a time when education leaders are asked to do more with less, observability allows institutions to understand what is happening within their networks and why. Observability should be used to empower education IT teams and in conjunction with active monitoring platforms, which will help them understand the full scope of the data in their network management systems to then apply actionable intelligence to solve issues. When exploring this data, IT staff should consider these questions: 

  • Is the network following the proper compliance rules that are in place? If not, what change was made to take the network out of compliance?  
  • What is the user experience like right now?  
  • What vulnerabilities are there within the network? 
  • Are students able to reliably access what they need and are those systems performing correctly?  
  • Are the internal safeguards working as efficiently as external safeguards? 
  • Do students have proper online safety awareness to aid in avoiding potential risks? 

Implementing observability best practices can boost the security and manageability of schools’ network infrastructures, leading to improved experiences for students, faculty and cross-campus communities. 

Secure by Design for Education 

One of the leading ways manufacturers, developers and education institutions can ensure their products are safe and efficient for students and staff is to create and utilize products that are secure by design. This holistic approach establishes that each product code, solution bundle and packages is tested and validated before an end user receives them, and therefore, contains a built-in cybersecurity insurance policy. In the future, this will save schools time and costs by decreasing the number of cyber threats they face. Students and faculty will experience an increased learning capacity. For example, these solutions help keep students in schools and experiencing less interruption and downtime because of ransomware attacks. This approach empowers faculty to seamlessly adopt and integrate the use of secure solutions into their curriculum and lesson plans. With secure by design solutions, educators and students can rely on the fact that their data will be protected by modernized products tailored with them in mind. 

The Importance of Analytics in Higher Education 

Data plays a crucial role in educational infrastructure, offering valuable insights into the ever-evolving trends in learning. Most schools have siloed data in multiple areas such as learning management systems, enrollment systems and alumni engagement systems. Some colleges and universities within the Public Sector are only able to perform localized, descriptive analytics such as running spreadsheets and creating dashboards to see enrollment and graduation rates. The key to valuable, actionable and intelligent analytics is being able to discern how data intersects and correlates for more predictive and prescriptive analytics across the various digital spaces where institution data is stored. To do this, schools can leverage the power of automation through artificial intelligence (AI) and machine learning to augment data and use the insights gained to improve analytic maturity, helping faculty and administrators better serve students and their education missions.  

From increased security through observability and intentional technology designs to data-driven insights, the impact of these solutions on student growth is reshaping the educational landscape and creating an environment where students can thrive both academically and personally. 

 

Visit the EdTech Talks Conference Resource Center to view panel discussions and other innovative insights surrounding security, AI and student success from Carahsoft and our partners. 

 

About Carahsoft in the Education Market  

Carahsoft Technology Corp. is The Trusted Education IT Solutions Provider 

Together with our technology manufacturers and reseller partners, we are committed to providing IT products, services and training to support Education organizations.  

Carahsoft is a leading IT distributor and top-performing E&I Cooperative Services, Golden State Technology Solutions, Internet2, NJSBA, OMNIA Partners and The Quilt contract holder, enhancing student learning and enabling faculty to meet the needs of Higher Education institutions.  

Learn more at http://www.carahsoft.com/education. 

AI Paving the Way for New Healthcare Innovations

Posted on by
Reply

With the boom of consumer facing artificial intelligence (AI) through Chat GPT and other tools, the discussion of AI applications within healthcare has also become a priority with exciting new developments. Pre-COVID, there was some hesitancy with telehealth, whereas now it has become a highly valued, main offering within the healthcare ecosystem. Similarly, AI is becoming a key mobilizer for improved patient outcomes and more efficient provider processes. Through the power of the cloud and supercomputing, AI is opening doors for transformational results throughout all aspects of healthcare including personalized medicine, medical research and trials, treatment efficacy and more. Once healthcare organizations better understand the benefits that AI unlocks for all stakeholders, they can take the next steps to apply it to their individual health networks.

Benefits of AI in Healthcare

Patients

The potential uses for AI in the medical field are endless and apply to all levels of healthcare with improvements for patients, healthcare providers and healthcare administrators. When organizations invest in AI, it decreases wait times for patients, optimizes appointment availabilities and increases overall access. AI can also interpret imaging and detect illnesses faster which minimizes treatment delays. Through wearable technology and personalized medicine, AI is enabling patients to gather health data and manage treatment from home. This customizable capability is especially valuable for rural or low-income patients to level out the social determinants of health and offer treatment through telehealth while saving on costs for all involved.

Medical Providers

Carahsoft AI in Healthcare Blog Embedded Image 2023AI can significantly reduce the administrative burden for medical providers by automating routine tasks and increasing bandwidth for front line staff to complete other medical duties. A hallmark capability for AI is analyzing data which it can aggregate from wide pools of information to suggest electronic health record (EHR)-based interventions, predict possible future patient ailments and offer a more unified, comprehensive picture. In a post-COVID-19 world, AI healthcare data applications offer the extremely relevant and desired ability of anticipating future public health crises through research and analytics. These AI forecasts can accelerate understanding for policy creation, reinforce healthcare resources and provide precision public health.

Healthcare Administrators

Applying for grants can be a time-consuming process, but with AI evaluating grant proposals, healthcare administrators can quickly identify which grants to apply for and which to pass. AI can also detect potential fraud cases. It is currently being implemented at the Centers for Medicare and Medicaid Services to make sure that applicable citizens receive the proper care and services they deserve, and by the Department of Health and Human Services to analyze counterfeit drugs to prevent fraud and preserve the efficacy of vital medications.[1]

Making AI a Reality for Individual Healthcare Networks

With these groundbreaking benefits, instituting AI is a clear case. Currently about 98% of healthcare organizations have or are planning to implement an AI strategy.[2] To make this a reality, healthcare organizations must focus on three main areas:

  • Understanding the technology capabilities, requirements and use applications
  • Educating providers and building trust with patients
  • Instituting privacy and security policies

Understanding what AI can do, which applications to pursue for individual hospitals’ use cases and what it takes to operate the technology, needs to be a collaborative effort between all levels of a hospital system. Many clinicians are burned out and looking for tools that will ease their burden while also improving care. Through proactive conversations with medical providers and C-suite stakeholders, CIOs and management can present the investment benefits and ultimately increase full system buy-in and ability to scale effectively and efficiently.

Educating medical ecosystems and patients with the digital skills and knowledge to utilize the technology resources is also important for proper usage and increased adoption. Once providers understand the potential of AI and the practical ways it can improve their workflows, they can be confident in using the tools and clearly articulating the information to patients. Trust is a huge component of thriving, effective care. Clearly presented information establishes that rapport with patients and clinicians. Overall, training re-establishes for providers and administrators the priorities of patient safety, professional accountability and protection from reputational, legal and financial risk to ensure that the AI technology is used responsibly. Through proper education, patients also feel empowered with how AI is being implemented in their care and the commitment of their medical team to pursue the safest and best outcomes.

The last key element to establishing the use of AI in healthcare and maximizing its benefits is keeping privacy and security top of mind. Hospital management need to consider what policies and procedures they will institute to protect patients’ data and prevent bad actors from exposing personal information or disrupting care. Data integrity is also vital to keep AI algorithms’ predictions and assessments accurate. Healthcare network administrators will need to evaluate the best method to securely store that data whether through a cloud provider or building encrypted data storage on premises using private AI with an internal high computing platform specific to the individual hospital. These management policies and governance frameworks will not only offer standardization, they will also help build trust with patients while providing enough flexibility for AI innovation and growth.

 

Ultimately the partnership of AI with medical experts enables the perfect balance to deliver rapid, actionable insights and improvements while humans manage the usage of the technology to ensure quality care for each medical case. The future of healthcare is patients being able to take greater ownership of their health through aggregating additional data and applying AI to achieve better treatments. Providers and staff will be able to maximize their time through AI optimizations and provide more proactive care based on AI predictions. These advancements will revolutionize the healthcare industry as we know it and pave the way for a healthier society. Some are calling AI the next quantum leap in technology, and healthcare should be at the forefront of leveraging the resources to drive improvement, accelerate innovation and save lives.

 

To learn more about how Carahsoft is enabling healthcare organizations to achieve technology innovations such as AI, visit our Healthcare Technology and AI and Machine Learning solutions portfolios and speak to a representative who can help meet your solution needs today.

 

Resources:

[1] “HHS CIO Karl Mathias Details 3 Promising Applications of AI in Health Care Sector,” GovConWire, https://www.govconwire.com/2023/05/hhs-cio-karl-mathias-details-3-promising-applications-of-ai-in-healthcare/

[2] “AI Survey: Health Care Organizations Continue to Adopt Artificial Intelligence to Help Achieve Better, More Equitable and Affordable Patient Outcomes,” Optum, https://www.optum.com/about-us/news/page.hub.ai-survey-health-care-organizations-adopt-artificial-intelligence.html

Transforming State and Local Government in Ohio Through Technology

Posted on by
Reply

Innovation and collaboration are imperative to drive growth and transformation in State and Local Governments, as well as the need to invest in education and training to prepare the workforce for the jobs of the future. At the Carahsoft Digital Transformation Roadshow in Columbus, Ohio, Government IT and industry leaders engaged in dynamic discussions around the role of technology in shaping the modernization of the state of Ohio and beyond.

Technology Innovation in State and Local Government

Ohio State and Local agencies have begun to integrate innovative technologies to drive better decision-making while lowering the cost of ownership for IT systems; however, this requires significant investment in infrastructure, training and talent acquisition. Agencies must also ensure cybersecurity and risk management, as the use of new technology can create new vulnerabilities. There is a critical need for education, collaboration and innovation as State and Local agencies reimagine the future workforce which is an ever evolving complex and diverse ecosystem.

When faced with implementing technologies like artificial intelligence (AI), internet of things (IoT) and other transformational technologies, comprehensive planning is the best way forward for State and Local agencies. By doing the planning upfront, agencies can ensure that they have the right tools to manage vulnerabilities, mitigate risks and drive innovation.

Carahsoft State and Local Ohio Roadshow Blog Embedded Image 2023Utilizing a single platform that connects automation of other tools into that platform helps agencies get real-time data reporting and addresses risk within the organization. By using multiple endpoint management and security tools in a single platform, agencies can streamline their operations, reduce costs and improve their overall security posture.

A local agency in Westerville, Ohio has started using data for applied analytics and customizing citizen experiences using a feedback model. This approach involves analyzing and interpreting data to improve services and provide a more streamlined citizen experience for services like trash collection, public safety and traffic management. By using data to drive decision-making and improve services, agencies can become more efficient, effective and responsive to the needs of citizens.

Building a Resilient Government

Modernizing systems, which is the top priority for building a resilient Government, will improve citizen services, generate cost savings, increase security and provide a more holistic, human-centered Government experience. Many State and Local agencies have outdated systems and need to modernize their infrastructure and business processes to make commerce more accessible and efficient. This involves evaluating areas for improvement, such as replacing fax machines with modernized digital tools and platforms and consolidating multiple systems into a few with all the key functionality they need.

The Ohio Department of Aging (DoA) implemented a tenant of rapid response in which automated systems provide emergency staffing within 24 hours for long-term care facilities and nursing homes during the COVID-19 pandemic and continue to this day. The DoA has also worked on predictive modeling utilizing the Governance, Risk and Compliance (GRC) organizational strategy to identify potential issues and respond proactively. Additionally, it has focused on meeting citizens’ needs through an omnichannel approach, using interoperable data analytics and predictive modeling to provide a more personalized and efficient experience.

Combating Cyber Threats in Government

Public Sector organizations face a range of cybersecurity risks, including data exploitation, insider threats, third party vulnerabilities, ransomware, identity theft and fraudulent access to State Government services. To mitigate these risks, agencies can take steps such as implementing strong access controls, regularly updating software and systems, conducting employee training on cybersecurity best practices and partnering with other organizations to share threat intelligence and collaborate on incident response.

Cybersecurity and Infrastructure Security Agency (CISA) offers several services to assist Government agencies with cybersecurity, including assessments and external dependency mapping. These services are provided at no cost to agencies, as they are already paid for by federal taxpayers. The services include:

  • Cybersecurity assessments: conduct cybersecurity assessments, which can help identify vulnerabilities and areas for improvement.
  • Ransomware readiness assessments: prepare for and respond to ransomware attacks, which are a growing threat to State and Local Governments.
  • External dependency mapping: identify and assess third-party vendors and other external dependencies, which can be a source of cybersecurity risk.
  • Threat intelligence sharing: provide agencies with information on emerging threats and best practices for defending against cyber-attacks.
  • Incident response planning: develop and test incident response plans, which can help ensure a coordinated and effective response in the event of a cyber-attack.

As cybersecurity threats become more sophisticated, it is increasingly critical for individual employees to be aware of the risks and take steps to protect their agency. Following best practices for password management, avoiding suspicious emails and links and reporting any potential security incidents to IT or security personnel is imperative. Agencies should provide regular training and offer resources such as phishing simulations to help employees become more vigilant.

Agencies must continue to leverage technology, utilize resources like CISA, stay up to date on the latest best practices and remain committed to meeting citizens’ needs. By embracing technology innovation, State and Local agencies can create a brighter future for all.

 

Explore more resources and learn more about Carahsoft’s State and Local Roadshow Series: Digital Transformation by visiting our Roadshow portfolio.

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at Carahsoft’s Digital Transformation Roadshow.*