Strategy, Threat intelligence

DOD expands vulnerability disclosure program, giving hackers more approved targets

May 5, 2021
The Pentagon has announced that it is expanding its Hack the Pentagon program to allow interested hackers to target all Department of Defense information systems that are accessible to the public, including Internet of Things devices, publicly-accessible networks and industrial control systems, reports CyberScoop.

“This expansion is a testament to transforming the government’s approach to security and leapfrogging the current state of technology within DOD,” said Defense Digital Service Director Brett Goldstein.

Launched in 2016, the bug bounty program previously only allowed ethical hackers to go after DOD systems with public-facing applications and websites, and was created to award talented hackers for finding security vulnerabilities within the agency before foreign hackers discover these security flaws.

“The department has always maintained the perspective that DOD websites were only the beginning as they account for a fraction of our overall attack surface,” said Kristopher Johnson, director of the DOD Cyber Crime Center.
prestitial ad