The US Department of Defense (DoD) announced last week the first ever cyber bug bounty program in the history of the federal government, inviting vetted hackers to test the security of the department’s network, website and applications. Dubbed “Hack the Pentagon,” the agency said its pilot bug bounty program is modeled after similar competitions conducted by some of the nation’s biggest companies to improve the security and delivery of networks, products and digital services. The DoD said in a press release the initiative marks the first in a series of programs designed to conduct vulnerability identification and analysis in its public webpages. “Participants in the bug bounty will be required to register and submit to a background check prior to any involvement with the pilot program,” said the DoD. “Once vetted, these hackers will participate in a controlled, limited duration program that will allow them to identify vulnerabilities on a predetermined department system,” read the press release. The DoD noted other networks – such as the department’s critical, mission-facing systems – will not be included in the bug bounty pilot program. Participants could be eligible to win money and recognition for their work, the agency said. According to Secretary of Defense Ash Carter, the project reflects the agencies continued commitment to drive the Pentagon to determine novel ways to improve the department’s security measures as its interests in cyberspace evolve: “I am always challenging our people to think outside the five-sided box that is the Pentagon,” said Carter. “Inviting responsible hackers to test our cybersecurity certainly meets that test.
“I am confident this innovative initiative will strengthen our digital defenses and ultimately enhance our national security.”
The pilot program is set to launch in April 2016. Meanwhile, the department said it will be providing more details on requirements for participation and other ground rules in the coming weeks. Last month, the Pentagon also announced its plans to spend an additional $900 million to enhance cyber defense measures in the coming year, stating it had allocated a total of $6.7 billion in its 2017 budget – an increase of 15.5 percent from the previous year. Over the course of the next five years, the Pentagon is projected to spend more than $34 billion on cyber defense.