The Defense Department today announced it is enlisting the help of a select group of “vetted” hackers to participate in the first government cyber bug bounty program.
The pilot project, known as the Hack the Pentagon initiative, will leverage commercial crowdsourcing to find trusted cybersecurity professionals to help uncover vulnerabilities in the Pentagon’s public Web pages.
“Participants in the bug bounty will be required to register and submit to a background check prior to any involvement with the pilot program,” according to a Defense Department statement. “Once vetted, these hackers will participate in a controlled, limited duration program that will allow them to identify vulnerabilities on a predetermined department system. Other networks, including the department’s critical, mission-facing systems, will not be part of the bug bounty pilot program. Participants in the competition could be eligible for monetary awards and other recognition.”
Word of the bounty program comes as Secretary of Defense Ash Carter continues a series of visits to Silicon Valley, where he has kick-started several defense innovation initiatives as well as a major recruitment effort designed to attract the commercial sector’s high-tech talent to tours of duty in the department’s Defense Digital Service.
The Pentagon’s DDS team—an extension of the White House’s U.S. Digital Service—includes a small team of engineers and data experts who have been tasked with improving the department’s technological agility.
“Bringing in the best talent, technology, and processes from the private sector not only helps us deliver comprehensive, more secure solutions to the DoD, but it also helps us better protect our country,” said DDS Director Chris Lynch, a technology entrepreneur and former Microsoft technologist recruited by Carter to lead the effort.
“I am always challenging our people to think outside the five-sided box that is the Pentagon,” Carter said. “Inviting responsible hackers to test our cybersecurity certainly meets that test. I am confident this innovative initiative will strengthen our digital defenses and ultimately enhance our national security.”