The U.S. Department of Defense is inviting security researchers to hack into government websites as part of a pilot project meant to improve American cybersecurity infrastructure, the Pentagon announced Wednesday.
The “Hack the Pentagon” program, first reported by Reuters, is an attempt to boost U.S. security preparedness by inviting vetted researchers and hackers to attack websites and networks. By exposing points of vulnerability, the logic goes, researchers will show the government where it needs to improve before hackers steal sensitive information, or access Pentagon employees' personal information. It's modeled after the bug bounty programs deployed by a range of U.S. technology companies.
“The goal is not to compromise any aspect of our critical systems, but to challenge our cybersecurity in a new and innovative way,” one senior defense official told Reuters.
Authorized hackers must be U.S. citizens and will need to undergo a background check before participating. Thousands are expected to take part in the program, which could include monetary rewards. The most sensitive Pentagon computer networks, including those containing weapons programs details, will not be available to hack.
Hack the Pentagon comes after vulnerabilities in a range of U.S. government agencies and computer networks, not just the Defense Department, were exploited in hacks that made international headlines. A hack last year on the U.S. Office of Personnel Management resulted in the theft of personal records belonging to at least 21.5 million current and former government employees as well as job applicants who submitted to background checks. That came after international hackers breached unclassified email systems at the State Department and White House and before a suspected Russian cyberattack on the email system used by the U.S. Joint Chiefs of Staff.