Expand / Collapse search
Watch TV
Menu

This material may not be published, broadcast, rewritten, or redistributed. ©2024 FOX News Network, LLC. All rights reserved. Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset. Powered and implemented by FactSet Digital Solutions. Legal Statement. Mutual Fund and ETF data provided by Refinitiv Lipper.

Security

The Pentagon just paid cash to hackers who found 100+ bugs in its systems

By Trevor Mogg Digital Trends
Published | Updated
f059261b-

The Pentagon in Arlington, Virginia (above) was designed so a person to walk between any two points in the Pentagon in less than seven minutes (AP)

Considering the nature of its work, it's no surprise that the Pentagon is of huge interest to hackers, whether state sponsored or pajama wearing (OK, they could be one and the same).

Keen to beef up its cyber security to keep unwelcome visitors at bay, the Department of Defense (DoD) recently launched its first-ever bug bounty program, aptly named "Hack the Pentagon."

Such schemes are pretty common these days, with companies like Google and Facebook inviting so-called "white hat" hackers -- those doing it to help rather than cause havoc -- to probe their online systems for vulnerabilities.

Set up by the DoD in partnership with HackerOne, a Silicon Valley firm that offers bug bounty services, Hack the Pentagon drew upon the skills of 1,410 white-hat hackers, with the first vulnerability report filed just 13 minutes after the challenge started.

Running for just under a month up until May 12 and focusing on five of its public-facing websites, the DoD's program turned up a whopping 138 security vulnerabilities deemed "valid and unique," officials revealed over the weekend. And yes, they've already been closed to prevent future trouble.

As a reward for their work, the defense department shared out a bounty worth around $75,000 among the hackers.

More from Digital Trends:

Pentagon hit by cyberattack; Russian hackers suspected

Who's keeping your data safe? With bug bounties, it's would-be hackers

Department of Defense officially launches 'Hack the Pentagon' program

Uber launches bug bounty program with top prize of $10,000

Having found so many vulnerabilities, it's little surprise that the DoD deemed the exercise a success. And, perhaps startled that so many flaws were surfaced, it's decided to extend the program. Starting this month, its three-pronged approach will include a "vulnerability disclosure process and policy" for the defense department so anyone with information about security weaknesses in its systems, networks, applications, and websites can submit details "without fear of prosecution."

It also includes incentives in its acquisition policies to encourage greater transparency among contractors, and finally, it'll expand the bug bounty programs to other parts of the department.

The Pentagon revealed in 2009 it'd spent more than $100 million in a six-month period dealing with damage caused by "daily" cyber attacks on its networks, with the intrusions carried out by everyone from "the bored teenager all the way up to the sophisticated nation-state, with some pretty criminal elements sandwiched in between," an official said at the time.