{"id":83676,"date":"2016-12-05T12:00:38","date_gmt":"2016-12-05T12:00:38","guid":{"rendered":"https:\/\/www.transcend.org\/tms\/?p=83676"},"modified":"2016-11-28T18:55:29","modified_gmt":"2016-11-28T18:55:29","slug":"pentagon-looking-for-a-few-good-hackers","status":"publish","type":"post","link":"https:\/\/www.transcend.org\/tms\/2016\/12\/pentagon-looking-for-a-few-good-hackers\/","title":{"rendered":"Pentagon: Looking for a Few Good Hackers"},"content":{"rendered":"
\"Secretary<\/a>

Secretary of Defense Ashton Carter at the Pentagon last month.
Credit Brendan Smialowski\/Agence France-Presse \u2014 Getty Images<\/p><\/div>\n

28 Nov 2016 – <\/em>In June 2015, the Office of Personnel Management announced that foreign hackers had stolen the personnel records<\/a> of millions of federal employees, one of the most damaging cyberattacks in history. Just weeks later, the office of the Joint Chiefs of Staff shut down its unclassified email system for several days after officials detected that it had been breached.<\/p>\n

These serious intrusions came months after a group affiliated with the Islamic State briefly commandeered the Central Command\u2019s Twitter account<\/a> and rebranded it as the \u201cCyber Caliphate.\u201d<\/p>\n

Given the enormity of the problem, one of the responses by the Department of Defense might seem befuddling. They\u2019ve asked hackers willing to play by strict rules to find vulnerabilities in some of the Pentagon\u2019s unclassified computer system.<\/p>\n

Well-intentioned computer security experts routinely scan the internet in search of vulnerabilities, which they often map out and report. Until now, doing that on Pentagon sites carried the considerable legal risk of running afoul of the Computer Fraud and Abuse Act.<\/p>\n

\u201cHack the Pentagon\u201d kicked off in April with a monthlong trial program that attracted 1,400 so-called white hackers to fiddle with Department of Defense websites on the hunt for weak points that could be exploited to steal data or jam systems. Those hackers spotted 138 weaknesses, according to the Pentagon, and were paid $75,000 in rewards.<\/p>\n

Encouraged by the results, the Defense Department last week announced a formal policy <\/a>permitting outside computer experts to test for vulnerabilities in the system and report them to the department. Secretary of Defense Ashton Carter called the initiative<\/a> \u201ca \u2018see something, say something\u2019 policy for the digital domain.\u201d Those hackers won\u2019t be paid for their reports, but officials hope they will do it out of a sense of duty.<\/p>\n

In addition, the department has started \u201cHack the Army,\u201d a program asking hackers who have been approved by the government to test the Army\u2019s recruiting websites for weaknesses.<\/p>\n

While these efforts represent just one aspect of the federal government\u2019s effort to protect secret data more rigorously, Mr. Carter deserves credit for championing an unconventional approach.<\/p>\n

\u201cHack the Pentagon\u201d and \u201cHack the Army\u201d allows defense officials to draw from a talent pool that includes people who would not ordinarily feel at home in the military\u2019s hierarchical culture. It may well turn into an unconventional recruitment pipeline for an organization that always benefits from outside perspectives and carefully calibrated disruption.<\/p>\n

________________________________<\/p>\n

A version of this editorial appears in print on November 28, 2016, on page A20 of the New York edition with the headline: Pentagon: Looking for a Few Good Hackers.<\/em><\/p>\n

Go to Original \u2013 nytimes.com<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

The last thing the Pentagon would seem to need is more hackers. But Defense Department officials are inviting them in.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[],"class_list":["post-83676","post","type-post","status-publish","format-standard","hentry","category-whistleblowing-surveillance"],"_links":{"self":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/83676","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/comments?post=83676"}],"version-history":[{"count":0,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/83676\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/media?parent=83676"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/categories?post=83676"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/tags?post=83676"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}