US government asks people to 'hack the Pentagon' to test US security setup

The programme is the first of its kind ever launched by the federal government

Andrew Griffin
Wednesday 02 March 2016 16:06 GMT
Comments

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The US government has launched a major programme that will see it ask people to try and hack it.

The "Hack the Pentagon" scheme will ask vetted hackers to try and test the cybersecurity of public Department of Defense websites. In doing so, it hopes to check that all of its privacy plans are up to date and able to keep out dangerous cyber criminals.

The plan is the first of its kind launched by the federal government. It is similar to the "bug bounties" offered by big tech firms, which see them challenge hackers to attempt to find exploits and problems in their security.

"I am confident that this innovative initiative will strengthen our digital defenses and ultimately enhance our national security," Defense Secretary Ash Carter said in a statement unveiling the pilot program.

One senior defense official said thousands of qualified participants were expected to join the initiative. Details and rules were still being worked out but the competition could involve monetary awards, the Pentagon said.

The Pentagon has long tested its own networks using internal so-called "red teams," but this initiative would open at least some of the department's vast network of computer systems to cyber challenges from across industry and academia.

Participants must be U.S. citizens and will have to register and submit to a background check before being turned loose on a predetermined public-facing computer system, the Pentagon said. It said other more sensitive networks or key weapons programs would not be included, at least initially.

"The goal is not to comprise any aspect of our critical systems, but to still challenge our cybersecurity in a new and innovative way," said the official.

The initiative is being led by the Pentagon's Defense Digital Service (DDS), which was set up last November to bring experts from the U.S. technology industry into the military for short stints.

"Bringing in the best talent, technology and processes from the private sector ... helps us deliver comprehensive, more secure solutions to the DOD," said Chris Lynch, a former Microsoft executive and technology entrepreneur who heads DDS.

Carter introduced Lynch during a speech to the Commonwealth Club on Tuesday and said he had already recruited coders from companies like Google and Shopify for a Pentagon "tour of duty."

Additional reporting by Reuters

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in