Back in March, the US Department of Defense launched a “Hack the Pentagon” campaign to get hackers to test its websites and security networks for vulnerabilities, without the threat of jail time. The project was so successful that the agency has announced it is being expanded to include more DoD websites and networks, with further cash incentives for hackers. Think of it like the bug bounty programs that Google, Facebook, and other tech companies offer, except hackers get to put the government’s most secure facilities to the test.
The original pilot for Hack the Pentagon ran from April 18th to May 12th, and was the first time the US government participated in a program rewarding hackers for discovering and reporting vulnerabilities. The DoD says it paid out $71,200 in rewards, with payments ranging from $100 to nearly $15,000. The very first bug was reported only 13 minutes after the program began.
The initial program only focused on hacking five public-facing websites, but in announcing the expansion, the DoD says it wants to apply it to additional closed systems.
“Although the pilot was a success, it only tested the crowdsourced security concept against public-facing websites. We believe the concept will be successful when applied to many or all of DoD’s other security challenges,” a spokesperson for the DoD stated.