(Cyberwar.news) The Defense Department’s “Hack the Pentagon” initiative, where hackers who find security bugs are rewarded, has been a success, with more than 100 vulnerabilities discovered by white hat hackers within the Pentagon’s information systems infrastructure.
As reported by The Hacker News, the Pentagon launched what it deems “the first cyber Bug Bounty Program in the history of the federal government” in March, in which hackers were invited to see if they could root out bugs in DoD systems and networks and public web sites that the DoD registers.
Some 1,400 white hat (the good guys who hack to find security bugs, not black hats who hack for espionage and personal gain) participated in the program. They were awarded up to $15,000 each for finding the most destructive vulnerabilities within Pentagon systems, Defense Secretary Ashton Carter said last week at a tech forum.
“They are helping us to be more secure at a fraction of the cost,” Carter said. “And in a way that enlists the brilliance of the white hatters, rather than waits to learn the lessons of the black hatters.”
Though bug hunters and hackers were allowed to hack into the Pentagon’s web properties, very critical and highly sensitive DoD systems were not part of the Hack the Pentagon program.
When the program was initially announced in March, Carter said he believed this effort would “strengthen our digital defenses and ultimately enhance our national security.”
Cyber security experts would certainly agree that it has, and what’s more, Carter said the effort was extremely cost-effective.
“It’s essentially free,” National Defense Magazine quoted the Pentagon chief as saying. “You get all this talent and they’re having a great time and you’re getting a security audit for free. It’s like, ‘Wow, pretty good deal.’”