As part of the DoD’s “Hack the Army” initiative, hundreds of white hat hackers found 118 security holes in the Army’s websites, according to Federal News Radio on January 24th.
In the controlled exercise, the government encouraged cyber security experts to uncover vulnerabilities in the Army’s system. The findings are known as a “bug bounty” and come with a monetary reward for non-Federal employees. The army then quickly applied fixes to the weaknesses.
In one notable instance, a “hacker” was able to access an internal DoD network from the Army’s Human Resources Command (HRC) homepage.
“According to HackerOne, the serious security problem was a combination of a misconfigured proxy server in the public-facing web portal and a separate flaw in a system that controls access to the Army’s internal network,” the article states.
“Hack the Pentagon,” the first activity of this kind, asked bug hunters to find holes in the Defense Information Activity’s sites.
Read the Federal News Radio article here.
A blog post from HackerOne, Inc., the army’s contractor for “Hack the Army,” can be found here.
Please follow us on twitter for more updates. Follow @EITCCORP