The US Department of Defense (DoD) has invited hackers participate in “Hack the Pentagon”, a program aimed at finding vulnerabilities in some of the Department’s websites.
The project is an alternative to the usual testing performed by the Department’s red teams, and is a way to get the tech industry involved. Ash Carter, the Defense Secretary, is currently on a West Coast tour that’s “part of efforts to strengthen ties with the tech community, expand thinking and strengthen the department against future threats.”
Of course, not every hacker that wants to participate will be allowed to. Reuters reports that only US citizens can apply, and will be admitted to the program if they pass a background check.
The target for those who do will be DoD’s public-facing systems – for now. Other, more sensitive systems could end up being included at a later date.
The DoD is expecting thousands of participants, even though details about the project are still fuzzy. It’s also unknown if the DoD will be offering bug bounties for the discoveries made by the hackers.
On the other hand, it’s likely that some of them will be invited to join the Department to help secure its systems, and the prospect of such a job might be for many a great incentive to participate.
It has been known for some time that the US Department of Defense is short on cybersecurity professionals, and that it has been having a tough time luring them from the civil sector.
Its systems are getting attacked every day and occasionally breached, and the need for experts is obvious.
In another piece of news, the DoD is also planning to hire private contractors to create a computer system for the newly created National Background Investigations Bureau. The new agency is meant to to replace the Office of Personnel Management’s (OPM) Federal Investigative Services (FIS).
The Pentagon hopes to get a little over $600 million in the next five years for the project, and all the biggest arms makers are expected to bid for it.
The plan is to make the system flexible enough to be able to meet current and future needs when it comes to the background check process of people applying for and holding security clearances.