Wednesday, April 20, 2016

Tech Musing 2: Pentagon offers $150,000 bounty for hackers

“Pentagon offers $150,000 bounty for hackers” April 1, 2016
http://www.cnbc.com/2016/04/01/pentagon-offers-150000-bounty-for-hackers.html

The Department of Defense is now starting a new program that allows hackers to try their hand at hacking into the Pentagon’s systems. This is the first project of its kind that the Federal Government has run, and it requires participating hackers to register and pass a strict background check. Secretary of Defense Ash Carter said, “I encourage hackers who want to bolster our digital defenses to join the competition and take their best shot.” He continued to say, “This initiative will put the department's cyber security to the test in an innovative but responsible way.”

Recently, there has been a shift toward companies crowdsourcing their vulnerability testing and cyber security. Corporations such as Google, Facebook, and Uber have their own “bug bounty” programs in which they offer cash to any hacker who can find vulnerabilities within their systems.

In my opinion, using the option to crowdsource in order to find vulnerabilities can be dangerous but advantageous. By using the ‘crowd’, these companies have every inch of their system tested by tons of hackers. This will surely reveal any major problems if there are any. The unfortunate downside is having to rely on hackers, who are generally labeled as unethical just from the title. Asking these hackers to attempt to penetrate your system is like inviting thieves to break into your home to test your security system. How can they be trusted? What will stop these hackers from exploiting the bugs? Surely, a hacker could stand to gain more from exploiting the vulnerability instead of showing Google for a cash reward.

What are your thoughts on crowdsourcing hackers to uncover vulnerabilities within a system?

-Dixon Anthon

1 comment:

  1. This is not the first time this approach has been used, but it may be for the Pentagon. Tiger Teams was a similar approach, in that you ask a team to break into a company and then report the vulnerabilities. I can guarantee you that the Pentagon will know who has entered the system, otherwise how will they know who wins? Kind of a win-win, in my opinion.
