White Hat Hacking: Hack the Pentagon?
The Null Byte community is all about learning white hat hacking skills. In part, this is because I believe that hacking skills will become the most valuable and important skill set of the 21st century.
This week, The U.S. Department of Defense confirmed my belief by announcing the start of their own hacking bounty program. This program is for white hat hackers (our kind here at Null Byte), and the idea is that the Pentagon will pay white hats to find vulnerabilities in their systems and software.
Although many large software companies such as Google and Microsoft have similar programs, this is the first time the Pentagon—or for that matter, any U.S. federal agency—has invited hackers to attempt to break their systems.
Secretary of Defense Ash Carter has made cyber security and cyber warfare (another vocation for white hat hackers) a priority. In the spring of 2015, he gave a speech emphasizing the Department of Defense's need for cyber warriors to a high school in the Washington, D.C. area. There he encouraged students to study white hat hacking and even encouraged their parents to do the same.
Now, he is taking the next step to secure the Department of Defense by offering bug bounties to hackers who can find vulnerabilities in DoD systems. He hasn't yet fleshed out the details, but we know that hackers will need to pass a background check before they will be invited to hack into these systems that may contain highly confidential information.
This is likely to be just the beginning, as other government agencies will soon also offer similar bug bounties. It is now becoming a very real possibility that hacking the U.S. government systems can become a legitimate and high-paying career!
Despite spending millions of high-priced security experts and contractors, U.S. agencies and departments have been repeatedly hacked in recent years. Among the largest was the hack by presumably Chinese hackers of the Office of Personnel Management where personnel and background check records of over 80 millions current and former U.S. government employees were lost. In addition, just last month the IRS revealed that some of their records were lost to hackers.
The overall idea behind the "Hack the Pentagon" program and other bug bounty programs is that if you provide an incentive to white hat hackers, like us, we will find the vulnerabilities before the black hat hackers. In that way, the company or department can patch the vulnerability before the bad guys, foreign governments, or cyber criminals are able to hack the system.
The overall message, I believe, is that if you stay here at Null Byte, study diligently, and get a few certifications, you will have mastered the most valuable and important skill set of the 21st century!