RSS Feed
April 2nd, 2016 
Awake Goy 
nsnbc : The U.S.’ Department of Defense (DoD) announced that interested participants in its “Hack the Pentagon” pilot project now can register for participation. The Pentagon explained that the project aims to identify and resolve security vulnerabilities within DoD websites through crowdsourcing. Others note that the campaign was launched because the DoD has problems with attracting high-quality staff due to an ever more unpopular U.S. foreign and defense policy.
Courtesy of Shutterstock.
The DoD is touting its Hack the pentagon program as a bug bounty initiative. A first in the history of the federal government. The DoD is partnering with HackerOne, which it designates as a reputable Bug Bounty-as-a-service firm based out of Silicon Valley, to run the Hack the Pentagon pilot over the next several weeks. The program will start on April 18, but willing participants can now register.
The DoD announced that qualifying bounties will be issued by HackerOne no later than Friday, June 10. The program will target several DoD public websites which will be identified to the participants as the beginning of the challenge approaches. Critical, mission-facing computer systems will not be involved in the program., said the DoD.
HackerOne has set up a registration site for eligible participants. That is, eligible participants must be a U.S. person, and must not be on the U.S. Department of Treasury’s Specially Designated Nationals list, a list of people and organizations engaged in terrorism, drug trafficking and other crimes; U.S. citizens and companies are prohibited from doing business with listed entities.
In addition, successful participants who submit qualifying vulnerability reports will undergo a basic criminal background screening to ensure taxpayer dollars are spent wisely, noted the DoD. Screening details will be communicated in advance to participants, and participants will have the ability to opt-out of any screening, but will forgo bounty compensation. Prospects for the Hack the Pentagon campaign can register at the HackerOne website.
Graffiti denouncing strikes by US drones in Yemen. Khaled Abdullah/REUTERS
The DoD announced that the Hack the Pentagon pilot is modeled after similar challenges conducted by some of the nation’s biggest companies to improve the security and delivery of networks, products, and digital services. By providing a legal avenue for the responsible disclosure of security vulnerabilities, bug bounties engage the hacker community to contribute to the security of the Internet. Individual bounty payments will depend on a number of factors, but will come from the $150,000 in funding for the program. Defense Secretary Ashton Carter noted that:
“This initiative will put the department’s cybersecurity to the test in an innovative but responsible way. I encourage hackers who want to bolster our digital defenses to join the competition and take their best shot.”
The “Hack the Pentagon” initiative is being led by the department’s Defense Digital Service (DDS), launched by Secretary Carter last November. The DDS, an arm of the White House’s dynamic cadre of technology experts at the U.S. Digital Service, includes a small team of engineers and data experts meant to improve the department’s technological agility.
Previous reports suggest that the DoD launched the campaign after having difficulties with finding IT experts who would find working for the Pentagon attractive. Among the reasons that are widely perceived as turnoffs are relatively low wages as well as the bad image that is associated with U.S. military campaigns worldwide and U.S. foreign policy.
F/AK – nsnbc 02.04.2016
Related article:
DoD Sponsors ‘Hack the Pentagon’ Because No One Will Work For Them
Source Article from http://nsnbc.me/2016/04/02/us-defense-department-opens-doors-for-hackers/
Posted in 
Tags: 
