A massive group of hackers successfully penetrated the Pentagon’s computer systems last month, but instead of seeing legal prosecution, they were awarded cash bounties.
The 138 participants were part of over 1,400 hackers invited to participate in the first annual “Hack the Pentagon” program. Secretary of Defense Ash Carter originally announced the program in March, with the intention of engaging ethical hackers in a crowd-sourcing program to help the Pentagon discover vulnerabilities in some of its websites.
“When it comes to information and technology, the defense establishment usually relies on closed systems,” Carter said, announcing the results of the contests Friday. “But the more friendly eyes we have on some of our systems and websites, the more gaps we can find, the more vulnerabilities we can fix, and the greater security we can provide to our warfighters.”
Bounties paid ranged from around $100 to as much as $15,000, according to Lisa Wiswell of the Defense Digital Service.
In total, the program cost the Pentagon $150,000, and ran from April 18 to May 12. Carter said the money was well spent, considering a security audit from a security firm would have cost the government significantly more for the same work.
None of the computer systems hacked in the contest were of crucial national security systems, said Chris Lynch, the director of the Defense Digital Service. Websites available to be probed by the hackers included defense.gov, dodlive.mil, dvidshub.net, myafn.net and dimoc.mil, according to a DoD spokesman.
Each of the hackers participating in the contest registered with the Pentagon and submitted a background check.
One of the hackers participating in the program was 18-year-old high school senior David Dworken. He discovered six vulnerabilities using his laptop between classes.
“I generally just worked on it during any free time I had, during free periods,” said Dworken, who hopes to study computer science in college and one day enter the cyber security field, according to the DoD’s announcement.
The Pentagon employed the Silicon Valley-based HackerOne company to fix the various vulnerabilities after the contest ended.
Send tips to russ@dailycallernewsfoundation.org.
All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact licensing@dailycallernewsfoundation.org.
