Defense One | By: Jack Corrigan | August 11, 2017:
Foreign and domestic hackers probed hundreds of security holes in critical Air Force networks for weeks in late spring, and the Pentagon knew all about it. But instead of getting punished, the hackers got paid.
The Defense Department’s third and most successful bug bounty program, Hack the Air Force, uncovered a record 207 vulnerabilities in the branch’s major online systems. The department’s previous initiatives, Hack the Pentagon and Hack the Army, found 138 and 118 security gaps, respectively.
Unlike previous bug bounty programs that were open only to Americans, Hack the Air Force invited hackers from four countries outside the U.S. to participate: Australia, Canada, New Zealand and the United Kingdom.
Though inviting foreigners to hack military networks may sound unsafe, Air Force Chief Information Security Officer Peter Kim says the DOD frequently works with partner nations on initiatives to boost cybersecurity.
“We get a diversity of efforts that will make sure we have looked at our security from every angle,” Kim told Nextgov. “By allowing the good guys to help us, we can better level the playing field and get ahead of the problem instead of just playing defense.”
To read full article – please click here.
