Pentagon wants more people to hack its websites and networks
And it will even pay them to do it.
The Department of Defense's Hack the Pentagon program was apparently so successful, the agency has decided to extend and develop new initiatives for it. Similar to Facebook's, Twitter's and Google's bug bounty projects, Hack the Pentagon paid white hackers for the vulnerabilities they discovered on the department's websites. It ran from April 18th until May 12th, 2016 and doled out over $70,000 in rewards. However, the initial run only covered five public-facing online properties -- defense.gov, dodlive.mil, dvidshub.net, myafn.net and dimoc.mil. The department believes that the concept will also "be successful when applied to many or all of DoD's other security challenges."
Starting this month, the agency will develop a new disclosure process and policy. It will anyone to report the flaws they find not only on DoD's websites, but also its systems, networks and applications without fear of repercussion. The department will expand the program to cover the services it offers and will offer incentives to contractors who open their systems for testing, as well.
The department's network was hacked more than once last year, with one instance leading to the temporary shutdown of its email system. All those instances might have compelled the agency to beef up its digital security in several way. Besides expanding its bug bounty program, the Pentagon has also hired Matt Cutts, the head of Google's Webspam team, to be part of its Defense Digital Service.