The Pentagon has fixed more than 2,800 security problems after hackers from more than 50 countries, responded to the department’s vulnerability disclosure programme launched a year ago.
The programme opened on November 21, 2016 allowed good hackers from around the world to notify to the US Department of Defense, or Pentagon, about cyber security problems in one of its public-acing websites.
The bold initiative came shortly after another programme called the ‘Hack the Pentagon’, which offered cash rewards for anyone who identified a valid security problem. Although the vulnerability disclosure programme did not offer any incentives, hackers still provided valuable information for the Pentagon.
According to media reports, about 650 hackers from more than 50 countries submitted security glitches that needed repair. The programme was run by a firm Hacker One that has also ran the Hack the Pentagon programme.
While most of the responses came from the United States-based researchers, HackerOne released top nine foreign countries reporting vulnerabilities.
The initiative was good but a bold one given the fact that hacking protected system and even reporting weaknesses is illegal under the Computer Fraud and Abuse Act. ‘Hack the Pentagon’ project was thus seen as a bold move.