Following an announcement last month that the Defense Department will be expanding its revolutionary bug bounty program, which provides monetary compensation to outside hackers that discover and disclose vulnerabilities on DoD networks, the Army unveiled its iteration of this innovative initiative.
"The Army is reaching out directly to a group of technologists and researchers who train in figuring out how to break into computer networks they're not supposed to — people we might normally have avoided and much of the department still does actually," Army Secretary Eric Fanning said during a Nov. 11 news conference in Austin, Texas.
Fanning also described plans to take Hack the Army, which will launch at the end of November, further than Hack the Pentagon. "[T]he websites and computer databases we're inviting hackers to test won't be publicly released until our partner HackerOne invites a group of hackers to the bug bounty later this month," he said, referencing one of the military's commercial partners in this effort. "Each of these sites is essential to our day-to-day recruiting mission. While Hack the Pentagon focused on static websites, Hack the Army will be composed of dynamic content and mission-critical websites that we rely on to recruit the best fighting forces in the country. These assets have deep ties to the Army's core operations."
"I'm also happy today to announce a change that was just secured last night that makes Hack the Army different from Hack the Pentagon," Fanning announced, thanking the Defense Digital Service, which led Hack the Pentagon, for its persistence in pursuing the change. DDS was stood up by Secretary of Defense Ash Carter to bring in outside talent and replicate the tech culture of Silicon Valley firms to solve challenging problems for the department.
"We have secured legal approval to open this up to active-duty military personnel, reservist and guard, as well as civilians, government civilians," Fanning said. These personnel with have to register and be vetted just as outside members of the program were during the Hack the Pentagon program.
Government and military personnel "weren’t allowed to participate in Hack the Pentagon," Fanning said. "We’ve got a number of people inside the military, inside the government who want to participate as a way of contributing to this important mission and also honing their own skills."
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.