Pentagon says 138 vulnerabilities found in its cyber system

WASHINGTON, June 17 (KUNA) — Some 138 vulnerabilities were found in the Pentagon’s cyber security system after allowing 1,400 so-called hackers to engage with the Defense Department’s infrastructure under its “Hack the Pentagon” program.
Over 250 participants submitted at least one vulnerability report but 138 of the cases were determined to be “legitimate, unique and eligible for bounty,” Defense Secretary Ash Carter said Friday.
The program ran from April 18 to May 12 and cost USD 150,000.
“”It’s not a small sum, but if we had gone through the normal process of hiring an outside firm to do a security audit and vulnerability assessment, which is what we usually do, it would have cost us more than $1 million,” Carter said.
The department paid the hackers amounts ranging from USD 100 to USD 15,000 based upon the cyber vulnerabilities discovered.
Last month, the Pentagon first estimated 80 vulnerabilities to have been found from the program. (end)