Hack the Pentagon

The Air Force called on white-hat hackers to protect one of its clouds.

In this week’s edition of On DoD, Peter Kim, the Air Force’s chief technology officer, Alex Rice, the CTO at HackerOne, and Reina Staley, the chief of staff of the Defense Digital Service join is to talk about the latest of DoD’s bug bounties: Hack the Air Force. We’ll also talk about changes in how the Army buys cloud computing services as part of a broader effort to shut down expensive, government-owned data centers.

When Army officials decided to launch the service’s first-ever bug bounty, one of the key questions they wanted to answer was whether sensitive personnel records were vulnerable to theft by hackers via the Army’s public-facing websites. As it turns out, the answer was yes.

The federal government decided to put the Defense Department in charge of building a new information technology backbone to house and process all of the data involved in security clearance investigations, one that would be safer from foreign attacks.

The Defense Department undertook a significant expansion of its new crowdsourced approach to cybersecurity Monday, opening its “Hack the Pentagon” challenge to literally anyone and providing them a legal route to report any security holes they find.

The Army will call on cyber amateurs and experts to try to break into the service’s personnel and recruiting sites.

The Pentagon last week made contract awards in its promised expansion of federal government’s first-ever bug bounty — the “Hack the Pentagon” challenge which would up finding and closing 138 separate cybersecurity vulnerabilities in DoD’s public-facing websites earlier this year.

In the first “Hack the Pentagon” challenge, the department asked anyone with expertise in IT security to find security flaws on five of its largest public-facing websites, including the Defense.gov homepage.

Defense Secretary Ash Carter announced he is adding three members to the Defense Innovation Advisory Board. Two of them are technologists and Silicon Valley regulars.

The Defense Department announced it would be launching the federal government’s first-ever “bug bounty,” banking on the idea that there’s a nascent community of white hat hackers that’s been itching to help the Pentagon with its cybersecurity challenges.