- The Pentagon said on Wednesday it plans to invite hackers to test the cybersecurity of some public U.S. Department of Defense websites.
- Only vetted hackers will be invited to attend. The pilot program, slated to begin next month, is modeled after the "bug bounty" programs used by several large U.S. businesses to find holes in their network security before hackers do.
- "Hack the Pentagon,” as the program is being called, would be the first-ever such program offered by the federal government.
Pentagon officials said details of the contest are still being worked out but the competition could involve monetary awards. Thousands of qualified participants are expected to sign up. To quality, participants must be U.S. citizens and will have to register and submit to a background check, the Pentagon said.
"I am confident that this innovative initiative will strengthen our digital defenses and ultimately enhance our national security," Defense Secretary Ash Carter said in a statement unveiling the pilot program.
The initiative would open at least some of the department's vast network of computer systems to cyber challenges from across industry and academia.
"The goal is not to comprise any aspect of our critical systems, but to still challenge our cybersecurity in a new and innovative way," a Pentagon official said.
A "State of Bug Bounty Report" by cybersecurity firm Bugcrowd last August found the use of bug bounties is growing among businesses. Bug bounties can save enterprises hundreds of thousands of dollars by detecting weaknesses before deployment, the study said. Bugcrowd said companies including Western Union, Tesla Motors and United Airlines have all conducted bug bounty programs.
Some non-malicious, or white hat, hackers conduct security tests of organizations of their own volition. Last month, a white hat hacker discovered a vulnerability in a database belonging to uKnowKids, a firm that allows parents to track their kid's online activity. The researcher, Chris Vickery, said there were no password protection in place on the site, exposing millions of text messages, pictures and 1,700 "detailed child profiles” belonging to uKnowKids' customers.