Hackers invited by the Pentagon to test the security of its unclassified computer systems have turned up 100 “bugs,” security flaws that could allow adversaries to penetrate and compromise Department of Defense public websites.
Defense Secretary Ash Carter announced the preliminary results of DoD’s “Hack the Pentagon” program Friday at a tech summit sponsored by Defense One.
Carter said the program exceeded expectations, as 1,400 vetted hackers discovered more than 100 bugs in a three-week period.
“They are helping us to be more secure at a fraction of the cost,” Carter said. “And in a way that enlists the brilliance of the white hatters, rather than waits to learn the lessons of the black hatters.”
The Pentagon program was modeled on bug bounty programs that are in widespread use in the private sector. But this was a first for the federal government.
The program invited hackers to register with the Pentagon and then try to penetrate several DoD public websites.
Critical, mission-facing computer systems were not part of the program, according to the Pentagon.