The Pentagon: Enlisting the Help of Hackers

Black hat hackers have made major headline news in recent weeks following the 2016 presidential election. For fear that state actors are perpetrating advanced hacking measures in order to alter election outcomes, governments around the world, including the United States and Germany, are looking to bolster their cybersecurity protection in the hopes of stymieing outsider threats. With cybercriminals infiltrating seemingly locked down government information and using it to fulfill disastrous plans, cyberterrorism has become an elusive, shapeshifting player on the world stage.

Cybercrime: The New Battlefront
Cyber espionage isn't a new threat, but the successes of Russia's state-sponsored cybercriminals are cause for alarm.

In April of this year, Secretary of Defense Ashton Carter called on white hat hackers to "Hack the Pentagon." A pilot bug bounty program (the first of its kind in the U.S.) that asked hackers (not associated with the government) to find vulnerabilities in government networks, Hack the Pentagon had 250 hackers submit a vulnerability report, 138 of the 250 reports showed vulnerabilities that were proven to be "legitimate, unique and eligible for bounty."

The goal of the pilot program, to quote Carter in an article from the U.S. Department of Defense, was to "[create] a pathway for ethical hackers and security researchers to report vulnerabilities in DoD networks and systems. As a result, the department is creating a central point of contact for researchers and technologists to point out gaps."

What originally inspired the Hack the Pentagon pilot program was the stolen personnel records of millions of federal employees in 2015. According to the New York Times, this was one of the most injurious cyberattacks in history. These attacks came after a black hat group affiliated with the Islamic state was able to infiltrate and take control of the Central Command's Twitter account, renaming it the "Cyber Caliphate".

Evolving with the Times
Energized by the findings of the Hack the Pentagon program, Carter and the Defense Department announced a new formal policy in mid-November that legitimized the efforts of an outside group of computer experts in testing for vulnerabilities in the government network. The white hats won't be paid for their services, but the Defense Secretary is hoping they will do it as part of their civic duty.

Following in the Defense Department's footsteps, the United States Army has set up a "Hack the Army" program. This program, like Hack the Pentagon, will offer cash rewards to white hat hackers who are able to find vulnerabilities in its network and gain entry into the system. The reason for the new program, according to Army Secretary Eric Fanning, is because "The Army's not agile enough to keep up with a number of things that are happening in the tech world and in other places outside the Department of Defense. We'sre looking for new ways of doing business."

You can't combat a cyberattack if you don't have the right toolset at your disposal. The United States (and other governments) have recognized this and are taking cybersecurity protection measures to keep the people safe. For more information on cybersecurity and cybersecurity insurance visit CyberPolicy today.

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375