U.S. military wants white-hat hackers to target its cyber security systems
Security

U.S. military wants white-hat hackers to target its cyber security systems

The U.S. military, which continues its interest in bug bounty programs as a way to improve cybersecurity, is launching a new contest next month.

Called “Hack the Air Force,” the new program will put certain of the branch’s Web sites up as targets for a set of international hackers who have been vetted by HackerOne, which is running the program.

+More on Network World: IBM: Financial services industry bombarded by malware, security threats+

The new contest follows on the Hack the Pentagon program last year that netted 138 vulnerabilities, and Hack the Army, which netted 118.

The new contest is open to researchers from the U.S., Canada, the U.K., Australia and New Zealand who have been vetted by HackerOne. The countries make up the Five Eyes intelligence alliance that monitors communications worldwide. Registration starts May 15.

“We have malicious hackers trying to get into our systems every day,” says Air Force Chief Information Security Officer Peter Kim. “It will be nice to have friendly hackers taking a shot and, most importantly, showing us how to improve our cybersecurity and defense posture.”

In addition to these programs, the Department of Defense may launch another program that targets not Web sites but DoD infrastructure such as sensors in heating systems, according to Nextgov. This physical infrastructure can be exposed to the internet, which leaves it open to possible attacks.

The possibility of a bounty program against these systems was raised this week by Daryl Haegley, who is the program manager for the Office of the Assistant Secretary of Defense for Energy, Installations and Environment.

He says he is trying to get senior officials to buy into such a plan, Nextgov says.

Visits to 15 military sites found that 75% of devices in control systems run unsupported operating systems including Windows XP, Windows 98 and Windows 95, the report says.

The Hack the Pentagon program paid out a total of $75,000 to researchers who discovered vulnerabilities, with the individual prizes ranging from $1 to $15,000.

HackerOne hasn’t announced what the prize range is for Hack the Air Force.

IDG Insider

PREVIOUS ARTICLE

«Google eyes massive AI expansion with new Assistant SDK

NEXT ARTICLE

Acer's Nitro 5 is a laptop that lets casual gamers get reckless»

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should we donate our health data the same way we donate organs?