Hackers screened for their good intentions found 138 “vulnerabilities” in the Defense Department’s cyber defenses in a “bug bounty” awards program that will end up saving the Pentagon money, Defense Secretary Ashton Carter said Friday.
Under the “Hack The Pentagon” program, the first ever conducted by the federal government, more than 1,400 “white hat” hackers were vetted and invited to challenge Pentagon’s defenses to compete for cash awards.
Of the 1,400 who entered, about 250 submitted reports on vulnerability and 138 of those “were determined to be legitimate, unique and eligible for bounty,” Carter said at a Pentagon news conference.
The lessons learned from the “Hack The Pentagon” challenge, an initiative of the Defense Digital Services started by Carter, came at a fraction of the cost of bringing in an outside firm to conduct an audit of the Pentagon’s cyber security, he said.
The awards going out total $150,000 while a full-blown cyber audit would have cost at least $1 million, he said. In addition, “we’ve fixed all those vulnerabilities,” Carter said.
Full article: Hackers Crack Pentagon’s Cyber Walls More Than 130 Times (Defensetech)