March 3, 2016

Pentagon Invites Hackers to Hack the Department With Bug Bounty Program

Starting next month, the Pentagon will launch the United States government’s first-ever bug bounty program to encourage hackers to break into its websites in exchange for cash.

Although details of the bounty itself haven’t been revealed just yet, the Pentagon confirmed that it will use “commercial sector crowdsourcing” bug bounty programs like HackerOne or BugCrowd to begin with. In other words, the bounty program will be open to a certain caliber of “qualified” hackers who pass background checks.

Furthermore, the program will be restricted in its scope, so hackers will be welcome to target certain defined assets and not mission-critical systems.

“I am always challenging our people to think outside the five-sided box that is the Pentagon,” said Secretary of Defense Ash Carter in a press release.  “Inviting responsible hackers to test our cybersecurity certainly meets that test.  I am confident this innovative initiative will strengthen our digital defenses and ultimately enhance our national security.”

The new initiative is a part of the Obama administration’s comprehensive Cyber National Action Plan announced on Feb 9. The overall objective is to prioritize near-term actions to improve the country’s cyber defenses and to codify a long-term strategy to enhance cybersecurity across all forms of the United States government.

The “Hack the Pentagon” initiative is being put together by the Department of Defense’s Defense Digital Service (DDS), launched by Secretary of Defense Carter last November. As an arm of the White House’s dynamic roster of technology experts at the United States Digital Service, it includes a small team of data experts and engineers working toward improving the department’s technological agility and capabilities.

DDS Director and technology entrepreneur Chris Lynch stated:

“Bringing in the best talent, technology and processes from the private sector not only helps us deliver comprehensive, more secure solutions to the Department of Defense (DoD), but it also helps us better protect our country.”

The pilot bug bounty program will be the first in a series of several programs designed to look for vulnerabilities in the department’s websites, applications, and networks.

The pilot program will launch in April and the DoD will provide more details on requirements for participation, bounties and ground rules in the coming weeks of March.


About the author


LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high-profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
