US DoD to invite hackers to test cyber security


The US Department of Defense (DoD) is to invite external hackers to conduct vulnerability identification and analysis on the department's applications, websites, and networks as part of the 'Hack the Pentagon' initiative.

Modelled after similar competitions conducted by the nation's biggest companies, the initiative aims to improve the security and delivery of networks, and digital services of the federal government.

US Defense Secretary Ash Carter said: "I am always challenging our people to think outside the five-sided box that is the Pentagon. Inviting responsible hackers to test our cybersecurity certainly meets that test.

"I am confident this innovative initiative will strengthen our digital defences and ultimately enhance our national security."

"I am confident this innovative initiative will strengthen our digital defences and ultimately enhance our national security."

Led by DoD's Defense Digital Service (DDS), the DoD will leverage commercial sector crowdsourcing to allow qualified participants to test the department's cyber security.

Prior to the programme, participants will register and submit to a background check, followed by controlled testing on a predetermined department system.

However, the DoD's critical and mission-facing systems will not be part of the bug bounty pilot programme.

DDS director and technology entrepreneur Chris Lynch said: "Bringing in the best talent, technology and processes from the private sector not only helps us deliver comprehensive, more secure solutions to the DoD, but it also helps us better protect our country."

The programme is the first in a series intended to test and find flaws in DoD's public web pages.