SoylentNews is people
SoylentNews
Submission Preview
Department of Defense Invites You to "Hack the Pentagon"
The U.S. federal government has announced its first ever "bug bounty" program [defense.gov], that will allow vetted hackers [npr.org] who have passed a background check to attack a non-critical Department of Defense system for potential rewards of money and recognition. From the press release:
Under the pilot program, the department will use commercial sector crowdsourcing to allow qualified participants to conduct vulnerability identification and analysis on the department's public webpages. The bug bounty program is modeled after similar competitions conducted by some of the nation's biggest companies to improve the security and delivery of networks, products, and digital services. The pilot marks the first in a series of programs designed to test and find vulnerabilities in the department's applications, websites, and networks.
Participants in the bug bounty will be required to register and submit to a background check prior to any involvement with the pilot program. Once vetted, these hackers will participate in a controlled, limited duration program that will allow them to identify vulnerabilities on a predetermined department system. Other networks, including the department's critical, mission-facing systems will not be part of the bug bounty pilot program. Participants in the competition could be eligible for monetary awards and other recognition.
This innovative project is a demonstration of Secretary Carter's continued commitment to drive the Pentagon to identify new ways to improve the department's security measures as our interests in cyberspace evolve. "I am always challenging our people to think outside the five-sided box that is the Pentagon," said Secretary of Defense Ash Carter. "Inviting responsible hackers to test our cybersecurity certainly meets that test. I am confident this innovative initiative will strengthen our digital defenses and ultimately enhance our national security."
[...] The pilot program will launch in April and the department will provide more details on requirements for participation and other ground rules in the coming weeks.
