Hackers contracted by the Defense Department to test the security of its less-sensitive computer systems have found more than 100 vulnerabilities, the Pentagon admitted.The “Hack the Pentagon” program has exceeded expectations, with 1,400 certified hackers helping find unnoticed security issues in the DoD’s networks, Defense Secretary Ashton Carter said at a Washington, DC tech forum on Friday.
The Defense Department had said previously that it planned to award bounties of upwards to $15,000 to individuals who could find security flaws in Pentagon systems, so they could be fixed before bad actors exploit them.
“They are helping us to be more secure at a fraction of the cost,” Carter said Friday. “And in a way that enlists the brilliance of the white hatters, rather than waits to learn the lessons of the black hatters.”
Individuals who have passed a vetting process would engage in “controlled, limited duration program that will allow them to identify vulnerabilities on a predetermined department system,” Carter said in March, when the program was launched.
Critical and highly-sensitive Pentagon networks, however, remained off-limits to these helpful hackers.
The Pentagon took a cue from Silicon Valley giants like Facebook, Microsoft and Google, who have been putting out millions of dollars in similar bounties for years.
Read more here: