'Hack the Army' Program Pays Out About $100,000 for Netting 118 Bugs The Department of Defense rewarded individuals and groups who hacked into its servers.

By Stephanie Mlot

This story originally appeared on PCMag

via PC Mag

And you thought hacking the Pentagon was easy: The U.S. Army last week revealed details of its first bug bounty program.

The four-week Hack the Army scheme generated 416 vulnerability reports (nearly 30 percent of which are unique and actionable) and approximately $100,000 for security researchers and bug hunters.

The most significant flaw -- as reported by HackerOne, a security consulting firm under contract with the Pentagon -- was uncovered due to a series of chained vulnerabilities that unwittingly took a hacker from the public-facing goarmy.com site to an internal Department of Defense page usually requiring special credentials to access.

"On its own, neither vulnerability is particularly interesting, but when you pair them together, it's actually very serious," HackerOne explained.

The Army remediation team and Army Cyber Protection Brigade stepped in to patch the hole.

"We're not agile enough to keep up with a number of things that are happening in the tech world and in other places outside the Department of Defense," former Army Secretary Eric Fanning said in the November announcement about Hack the Army. "We're looking for new ways of doing business."

The DoD experimented with a similar program last spring, when it invited white-hat hackers and researchers to infiltrate the Pentagon; 138 established vulnerabilities cost the federal government some $150,000 -- money well spent, the agency said in June.

"What Hack the Pentagon validated is that there are large numbers of technologists and innovators who want to make a contribution to our nation's security, but lack a legal avenue to do so," Fanning said.

But unlike Hack the Pentagon, which offered static websites not considered targets, Hack the Army provided sites considered critical to its recruiting mission, according to HackerOne.

"Crowdsourcing is really the only way to get the dynamic skills you need that a static workforce can't get you," Lisa Wiswell of the DoD's Defense Digital Service, said in a statement last fall.

More than 370 people participated in hacking the largest branch of the U.S. Armed Forces -- including 25 government employees, 17 of whom are military personnel.

Stephanie Mlot

Reporter at PCMag

Stephanie began as a PCMag reporter in May 2012. She moved to New York City from Frederick, Md., where she worked for four years as a multimedia reporter at the second-largest daily newspaper in Maryland. She interned at Baltimore magazine and graduated from Indiana University of Pennsylvania (in the town of Indiana, in the state of Pennsylvania) with a degree in journalism and mass communications.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Science & Technology

This AI is the Key to Unlocking Explosive Sales Growth in 2025

Tired of the hustle? Discover a free, hidden AI from Google that helped me double sales and triple leads in a month. Learn how this tool can analyze campaigns and uncover insights most marketers miss.

Business News

'We're Not Allowed to Own Bitcoin': Crypto Price Drops After U.S. Federal Reserve Head Makes Surprising Statement

Fed Chair Jerome Powell's comments on Bitcoin and rate cuts have rattled cryptocurrency investors.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

A New Hampshire City Was Named the Hottest Housing Market in the U.S. This Year. Here's the Top 10 for 2024.

Zillow released its annual lists featuring the top housing markets, small towns, coastal cities, and geographic regions. Here's a look at the top real estate markets and towns in 2024.

Thought Leaders

Are You a Small Business Owner or an Entrepreneur?

The fact is, all business owners are entrepreneurs.

Business Ideas

Is Your Business Healthy? Why Every Entrepreneur Needs To Do These 3 Checkups Every Year

You can't plan for the new year until you complete these checkups.