'Hack the Army' Program Pays Out About $100,000 for Netting 118 Bugs The Department of Defense rewarded individuals and groups who hacked into its servers.

By Stephanie Mlot

entrepreneur daily

This story originally appeared on PCMag

via PC Mag

And you thought hacking the Pentagon was easy: The U.S. Army last week revealed details of its first bug bounty program.

The four-week Hack the Army scheme generated 416 vulnerability reports (nearly 30 percent of which are unique and actionable) and approximately $100,000 for security researchers and bug hunters.

The most significant flaw -- as reported by HackerOne, a security consulting firm under contract with the Pentagon -- was uncovered due to a series of chained vulnerabilities that unwittingly took a hacker from the public-facing goarmy.com site to an internal Department of Defense page usually requiring special credentials to access.

"On its own, neither vulnerability is particularly interesting, but when you pair them together, it's actually very serious," HackerOne explained.

The Army remediation team and Army Cyber Protection Brigade stepped in to patch the hole.

"We're not agile enough to keep up with a number of things that are happening in the tech world and in other places outside the Department of Defense," former Army Secretary Eric Fanning said in the November announcement about Hack the Army. "We're looking for new ways of doing business."

The DoD experimented with a similar program last spring, when it invited white-hat hackers and researchers to infiltrate the Pentagon; 138 established vulnerabilities cost the federal government some $150,000 -- money well spent, the agency said in June.

"What Hack the Pentagon validated is that there are large numbers of technologists and innovators who want to make a contribution to our nation's security, but lack a legal avenue to do so," Fanning said.

But unlike Hack the Pentagon, which offered static websites not considered targets, Hack the Army provided sites considered critical to its recruiting mission, according to HackerOne.

"Crowdsourcing is really the only way to get the dynamic skills you need that a static workforce can't get you," Lisa Wiswell of the DoD's Defense Digital Service, said in a statement last fall.

More than 370 people participated in hacking the largest branch of the U.S. Armed Forces -- including 25 government employees, 17 of whom are military personnel.

Stephanie Mlot

Reporter at PCMag

Stephanie began as a PCMag reporter in May 2012. She moved to New York City from Frederick, Md., where she worked for four years as a multimedia reporter at the second-largest daily newspaper in Maryland. She interned at Baltimore magazine and graduated from Indiana University of Pennsylvania (in the town of Indiana, in the state of Pennsylvania) with a degree in journalism and mass communications.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Data & Recovery

Through March 24th: 1TB of Premium Cloud Storage Is Just $130 with This Code

Koofr offers advanced file management features, integration with external cloud management accounts, and reliable security.

Side Hustle

This Gen Zer's Stylish Side Hustle Earns About $20,000 a Month and Paid Off His Parents' $200,000 Debt: 'I Enjoy the Hands-Off Nature'

Ray Cao went from working as a barista for $8 an hour to being a successful seller on online marketplace StockX.

Business News

CEO Gets Dragged After Posting 'Infuriatingly Cringe' Crying Selfie After Laying Off Employees

A LinkedIn post by Braden Wallake, the CEO of HyperSocial, is making the rounds for being out of touch.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

Make $177,566 With No Experience in 3 Months: A Popular Online 'Side Hustle' Course Is Under Investigation After Customers Complain About Its Deceptive Claims

"All you need is a phone, a laptop, wi-fi and one to three hours a day," one affiliate marketer said in a video posted to social media.