Over 100 weaknesses have been found in the Pentagon’s networks and websites. Fortunately, these hackers were paid to find them.
1400 hackers took part in Hack the Pentagon, a program created by the Department of Defense. Their goal was to use whitehat hackers to probe for weaknesses with rewards of up to $15,000 for security risks discovered in the process. It’s been a great success. Ashton Carter, US Defense Secretary, lauded the program as a way to utilize “the brilliance of the white hatters, rather than waits to learn the lessons of the black hatters.” He also pointed out that it was was much more cost-effective than reacting to malignant cyberattacks.
The Hack the Pentagon program was held in April and May. All participants were required to undergo and background check, and while they were allowed to hack the Pentagon, it wasn’t open range on defense secrets. Particularly secret and sensitive areas were off-limits for the bug bounty.