Dive Brief:
- The Pentagon said on Wednesday it plans to invite hackers to test the cybersecurity of some public U.S. Department of Defense websites.
- Only vetted hackers will be invited to attend. The pilot program, slated to begin next month, is modeled after the "bug bounty" programs used by several large U.S. businesses to find holes in their network security before hackers do.
- "Hack the Pentagon," as the program is being called, would be the first-ever such program offered by the federal government.
Dive Insight:
Pentagon officials said details of the contest are still being worked out, but the competition could involve monetary awards. Thousands of qualified participants are expected to sign up. To qualify, participants must be U.S. citizens and will have to register and submit to a background check, the Pentagon said.
"I am confident that this innovative initiative will strengthen our digital defenses and ultimately enhance our national security," Defense Secretary Ash Carter said in a statement unveiling the pilot program.
The initiative would open at least some of the department's vast network of computer systems to cyber challenges from across industry and academia.
"The goal is not to compromise any aspect of our critical systems, but to still challenge our cybersecurity in a new and innovative way," a Pentagon official said.
A "State of Bug Bounty Report" by cybersecurity firm Bugcrowd last August found the use of bug bounties is growing among businesses. Bug bounties can save enterprises hundreds of thousands of dollars by detecting weaknesses before deployment, the study said. Bugcrowd said companies including Western Union, Tesla Motors and United Airlines have all conducted bug bounty programs.
Some non-malicious, or white hat, hackers conduct security tests of organizations of their own volition. Last month, a white hat hacker discovered a vulnerability in a database belonging to uKnowKids, a firm that allows parents to track their kids' online activity. The researcher, Chris Vickery, said there was no password protection in place on the site, exposing millions of text messages, pictures and 1,700 "detailed child profiles" belonging to uKnowKids' customers.