'Hack the Pentagon' program reveals 138 security flaws: US

June 18, 2016
Credit: George Hodan/Public Domain

Hackers invited by the US government as part of a pilot program to find flaws with five Pentagon websites discovered 138 security vulnerabilities, Defense Secretary Ash Carter said Friday.

The "Hack the Pentagon" event, the first "bug bounty" in the history of the federal government, attracted 1,410 computer-savvy Americans, according to the Defense Department. The program cost $150,000, with about half of that going to hackers.

"It's not a small sum, but if we had gone through the normal process of hiring an outside firm to do a security audit and vulnerability assessment, which is what we usually do, it would have cost us more than $1 million," Carter said during a short ceremony at the Pentagon.

"Beyond the security fixes we've made, we've built stronger bridges to innovative citizens who want to make a difference to our defense mission."

The hackers were invited to find flaws with five public websites, including defense.gov, between April 18 and May 12.

During that period, the hackers reported 1,189 vulnerabilities, with 138 of them determined to be "legitimate, unique and eligible for a bounty."

David Dworken, an 18-year-old recent high school graduate from the Washington area, appeared at the Pentagon ceremony alongside Carter and said he worked on finding bugs in his spare time.

Dworken said he has been participating in bug bounty programs since he was in the 10th grade, and plans to study computer science in college.

Although Dworken didn't reap any financial awards—the flaws he found had already been reported by others—he said participating was "incredibly rewarding" in terms of networking.

"I'm just in high school. And I have recruiters contact me about internships over the summer," he said.


5 comments


gkam
1.6 / 5 (7) Jun 18, 2016
I fear more our own "intelligence" agencies, who were caught spying on their overseers. Do you think anything was done about it? NO?

Then, who owns us?
gkam
1.5 / 5 (8) Jun 18, 2016
She lies down on the laptop? And gets the "big fat bone-us"?
malapropism
4 / 5 (8) Jun 18, 2016
@gkam
She lies down on the laptop? And gets the "big fat bone-us"?

That's possibly the most crass, uncalled-for, sexist and misogynistic comment I have ever read here from you or anyone else. It's not funny - I assume it was intended as a joke - and I hope you feel ashamed of yourself.
gkam
1.7 / 5 (6) Jun 18, 2016
No it was meant to be offensive to whoever put that ad in the forum.

Let them go buy their own ad space, and stop spamming this one with their lies for money.

The ad is now gone, and perhaps you did not see it.

gkam
1 / 5 (4) Jun 19, 2016
Well, bless my poor soul, Ellie is back, . . .

That laptop must be flat by now.
