Bug Bounty Program Uncovers 100+ Vulnerabilities in Pentagon’s Public Websites
Over 100 vulnerabilities affecting the Pentagon’s computer networks have been uncovered by white hat hackers who participated in the U.S. Government’s “Hack the Pentagon” bug bounty program, according to Defense Secretary Ashton Carter.
Last March, the U.S. Department of Defense (DoD), through the Defense Digital Service, announced the program (the first commercial bug bounty program run by the federal government) and invited 1,400 vetted hackers to break into the Pentagon’s public websites in order to test their security. The initiative was modeled after similar programs organized by large enterprises to help them detect security flaws in their networks before black hats and other cybercriminals can exploit them. The Pentagon’s program ran from April 18th and wrapped up on May 12th.
The program was launched amid recent mishaps and security incidents involving government-run online infrastructure, along with a history of launching buggy websites. In February, the Department of Homeland Security suffered a data breach that leaked the credentials of 9,000 of its employees and risked the exposure of personally identifiable information belonging to 20,000 FBI employees. The Internal Revenue Service’s (IRS) Get Transcript tool, which allowed taxpayers to download their records directly from the IRS website, was abused by cybercriminals, who stole sensitive information from 724,000 people.
The websites of the , the DoD’s , state-run in California, Kentucky and Vermont, , and as well as managed by the Office of Citizen Services and Innovative Technology have also been exposed to information theft, SQL injection and cross-site scripting vulnerabilities, weak password encryption, scams, unvalidated redirects and forwards, and spam. There was also the infamous healthcare.gov website and its slew of technical problems when it was launched. Incentivizing hackers to find vulnerabilities before they can be leveraged by cybercriminals helps the DoD nip security issues in the bud.
The continuous increase in cyberattacks worldwide, an ever-evolving cybercrime landscape, the benefits of further strengthening an organization’s online infrastructure, and the promotion of mutually rewarding relationships within the cybersecurity community are driving bug bounty programs to grow in scope and volume.
Within a span of a few years, bug bounty programs have become more than just a novelty for enterprises, especially those looking to capitalize on the skills of an organized pool of security experts beyond their own staff. Google, for instance, paid over $2 million in 2015 to security researchers who found security flaws in its systems and services, including the Android OS. Google has also started issuing research grants to encourage more people to look for vulnerabilities in its networks.
Facebook is reported to have paid over $4.3 million in bounties since launching its program in 2011, with one bug hunter alone awarded $15,000, while Twitter has paid $322,420 since launching its own program in 2014, with one security expert earning $54,000 for all his submissions.
Yahoo! says that it has paid more than $1.6 million to network vulnerability reporters, with 2,200 out of 12,000 submissions resulting in a bounty payout. United Airlines has awarded two security researchers one million air miles each after they discovered 14 vulnerabilities, including remote code execution bugs, in its web security and online assets. Microsoft has just recently expanded its bug bounty programs to pay as much as $100,000 for disclosing ‘novel exploitation techniques’ against security features built into the company’s latest OS. , , , , and the are just some of the enterprises actively encouraging white hat hackers to participate in their own bug bounty programs.
By the end of the month, the DoD is expected to pay around 90 program participants who found the security flaws, with bounties ranging from $100 to $15,000. DoD spokesperson Mark Wright told news portal DefenseNews that, depending on the program’s success, the department may consider a second run, and may even expand it to cover more of the agency’s assets, according to Corey Harrison of the DoD’s Defense Digital Service.