The U.S. government rolls out its first "bug bounty" program modeled after those used in the private sector to test digital security.
“Hack the Pentagon” is a new cyber “bug bounty” pilot program initiated by the Department of Defense.
As its name suggests, the unique DOD program invites “vetted hackers” who pass a background test to do what they do best — try to hack into the Pentagon’s applications, websites and networks.
The Pentagon says allowing a select group of hackers to test and identify vulnerabilities on its public webpages before malicious hackers are able to find and exploit them will help it bolster its cybersecurity and strengthen America’s digital defenses.
Although many large companies in the United States already use bug bounty programs or competitions to identify potential security gaps, this is the first program of its kind initiated by the federal government.
“I am always challenging our people to think outside the five-sided box that is the Pentagon,” said Secretary of Defense Ash Carter in a statement. “Inviting responsible hackers to test our cybersecurity certainly meets that test. I am confident this innovative initiative will strengthen our digital defenses and ultimately enhance our national security.”
The agency says hackers who successfully find vulnerabilities could be eligible for cash rewards and other recognition from the government.
The program, set to launch in April, will involve a predetermined Pentagon network, not any critical, mission-facing systems, according to the DOD.
“We can’t just keep doing what we’re doing. The world changes too fast; our competitors change too fast,” Carter said during a public discussion at the RSA Conference.
According to Reuters, if the “Hack the Pentagon” initiative is successful, other federal agencies may follow suit with bug bounty programs of their own.
“When people hear ‘bug bounty,’ they think we are just opening ourselves to attack. But what people forget is, we are always in this day and age under attack,” explained DJ Patil, White House chief data scientist. “By bringing crowds to the problem … you’re getting a jump on the curve.”