Pentagon puts the call out to hackers to test its cyber defences
The US Department of Defense may boast the world's most powerful military, but its online databases are far from indomitable, as a recent spate of apparent cyberattacks seems to suggest. The Pentagon is now inviting hackers to have at its public webpages as part of an initiative to highlight cybersecurity vulnerabilities.
The Department of Defense (DoD) says that the "Hack the Pentagon" pilot program is the first cyber bug bounty program in the history of the federal government. Just as web giants like Facebook and Yahoo hold competitions and offer cash rewards for those who expose security flaws, the DoD is also dangling a little cash carrot in front of enterprising hackers to find out just how robust its networks and digital services are.
But don't go dusting off your white hat just yet. Participants' suitability for the program will first be assessed by way of a background check, and will then take part in a controlled program on a predetermined department system. Not surprisingly this means that its other networks, such as those with sensitive mission-specific information, will be off limits.
"Bringing in the best talent, technology and processes from the private sector not only helps us deliver comprehensive, more secure solutions to the DoD, but it also helps us better protect our country," says director of the departments Defense Digital Service, Chris Lynch.
Last year the Pentagon was subject to a number of foreign hacks, one of which affected around 4,000 civilian and military personnel and lead to the email system being taken off line.
In February the government kicked off the Cyber National Action Plan, aimed at protecting against such attacks. The Hack the Pentagon pilot is just one arm of this wider initiative. It will begin in April, with the DoD to provide further details ahead of the launch.
Source: Department of Defense
Please keep comments to less than 150 words. No abusive material or spam will be published.
Someone at the pentagon needs to google "how to block phishing" and look for products that do this.
Donna Seymour (OPM's CIO) didn't bother either, she's now unemployed with a ruined career, and listening to government saying this about her: "On her watch, whether through negligence or incompetence, millions of Americans lost their privacy and personal data. The national security implications of this entirely foreseeable breach are far-reaching and long-lasting."
The DoD will be next if they continue failing to use their brains. It's really simple: work out the threats, put solutions in place. Stuffing around on an irrelevant 9% of the problem is near pointless.