Computer hackers constantly take aim at the
Defense Department, and they’ve been successful a few times at defacing websites and reaching into networks where they don’t belong.
But now, the military hopes to fend off malicious hackers by enticing some experts to report problems in exchange for cash.
The “Hack the Pentagon” bug bounty program launching in April will be the first government-sponsored hacking initiative of its kind.
The idea is borrowed from Snapchat, Google, Microsoft and countless other tech companies that operate similar programs. The firms reward hackers with a bounty, including cash and other prizes, when they report vulnerabilities in their services and tools.
Details of the Pentagon’s program, which will be coordinated by an outside company, are still being finalized. Getting all the legalities in place to authorize the program has been no simple task, a department spokesman said.
But the Pentagon teased the offering as part of Defense Secretary
Ashton Carter’s visit to Silicon Valley this week, including a stop at the RSA Security Conference in San Francisco on Wednesday.
Carter didn’t give specifics when asked on television about potential payment amounts, telling CNBC only that the “recognition” computer programmers will get from saying that they “hacked the Pentagon” will be a major draw.
The initial program is just a test and covers bugs only on public military websites, but the goal is eventually to expand coverage to identify vulnerabilities in apps and networks, the Pentagon said. Reward-seekers must submit to background checks.
Chat with me on Twitter @peard33.