- Competition will test public, not `mission critical' systems
- Background checks will be required for `Hack the Pentagon'
Uncle Sam is looking for a few good hackers.
As part of an effort to test its cybersecurity, the U.S. Defense Department is challenging computer geeks from the private sector to hack its public websites and networks. To sweeten the pot for would-be hackers, the military is dangling unspecified cash awards and the prospect of other recognition.
“I am always challenging our people to think outside the five-sided box that is the Pentagon,” Defense Secretary Ash Carter said Wednesday in a statement announcing the program. “Inviting responsible hackers to test our cybersecurity certainly meets that test.”
The “Hack the Pentagon" initiative marks the first time the U.S. government has put a bounty on finding weaknesses in network security, a technique private companies often employ, according to a Pentagon statement. Federal agencies are under almost constant assault from computer hackers, and defense officials have repeatedly cited Russia and China as suspected perpetrators of attacks on U.S. networks.
One requirement that may scare off those hackers who consider themselves rebels and might even admire Edward Snowden for the government secrets he disclosed: The Pentagon is requiring participants to register and pass a background check before deputizing them to go after its websites. Nor will the program turn the hackers loose on any mission-critical systems, the Pentagon said.
The “controlled, limited duration” pilot program in hacking will start in April, according to the Pentagon, which promised more details in coming weeks.
In a speech last year, Carter disclosed that Russian hackers had penetrated one of the Defense Department’s unclassified computer networks. The perpetrators had entered through an old vulnerability that hadn’t been patched, he said in remarks at Stanford University.
Since taking office a year ago, Carter has sought to enlist private-sector help in strengthening the Pentagon’s cybersecurity, particularly through collaboration with some of the biggest companies in Silicon Valley.
As part of that effort, the defense chief announced on Wednesday plans to create a 12-member Defense Innovation Advisory Board, headed by Eric Schmidt, executive chairman of Alphabet Inc., the company that owns Google.
The other members will be chosen by Carter and Schmidt and “represent a cross-section of America’s most innovative industries, drawing on technical and management expertise from Silicon Valley and beyond,” the Pentagon said in a statement.