Threat Management

DOD expands vulnerability disclosure program, giving hackers more approved targets

The Pentagon has announced that it is expanding its Hack the Pentagon program to allow interested hackers to target all Department of Defense information systems that are accessible to the public, including Internet of Things devices, publicly-accessible networks and industrial control systems, reports CyberScoop.

“This expansion is a testament to transforming the government’s approach to security and leapfrogging the current state of technology within DOD,” said Defense Digital Service Director Brett Goldstein.

Launched in 2016, the bug bounty program previously only allowed ethical hackers to go after DOD systems with public-facing applications and websites, and was created to award talented hackers for finding security vulnerabilities within the agency before foreign hackers discover these security flaws.

“The department has always maintained the perspective that DOD websites were only the beginning as they account for a fraction of our overall attack surface,” said Kristopher Johnson, director of the DOD Cyber Crime Center.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.