The US using hackers to their advantage

News / The US using hackers to their advantage

Bug Bounties

1 MIN READ

By Deniz MustafaDecember 17, 2021
The US using hackers to their advantage

The Department of Homeland Security (DHS) is launching a new “bug bounty” program in order to help them identify cyber security vulnerabilities in their systems. They are offering specifically selected hackers thousands of dollars to help them identify potential risks; the hackers who identify the most serious bugs will receive the highest bounty. The amount earned will vary between $500 and $5,000 depending on the severity of the vulnerability and the impact of the restoration.  

The announcement of this new program came shortly after the cyber officials of the Biden administration cautioned that threat actors were taking advantage of a new software-related vulnerability. The vulnerability lies in a Java-based software known as "Log4j" that many of the world's biggest tech firms use to configure their applications. The program incentivises highly skilled hackers to identify cyber security weaknesses in government systems before cybercriminals can exploit them. 

The program is set to commence throughout 2022 and will consist of three stages. During the first stage, hackers will complete a virtual assessment of certain external DHS systems. Secondly they will take part in a live, in person, hacking event. Third and last, the DHS will review the information gathered, and plan for future bug bounties.   

The DHS ran a pilot bug bounty program back in 2019, which stemmed from legislation that allowed them to compensate hackers for evaluating their systems. It built on similar efforts, such as the Department of Defence’s “Hack the Pentagon” program. 

Government departments have armies of cyber experts to try and outsmart threat actors but even with teams as resourceful and intelligent as the DHS, having the collective creativity of white hat hackers could help the DHS level the playing field against their adversaries. 

The Department of Homeland Security plans to verify any identified vulnerabilities within two days and either remediate the risks or develop a strategy to remediate them within two weeks.

Previous Article

NZ Ministry of Health plan $75m spend to plug cybersecurity gaps

Next Article

Natural gas supplier Superior Plus suffer cyber-attack

How secure is

your business?

Security test

News categories

Bug Bounties(2)

Cyber Attacks(72)

Ransomware(27)

Data Breaches(27)

Vulnerabilities(30)

Most popular

TSA Implements New Cyber Security Directive

December 05, 2021Deniz Mustafa

Hundreds of thousands of Android users affected by banking trojans

December 04, 2021Nazifa Alam

Finland responds to an ‘exceptional’ malware attack

November 30, 2021Nazifa Alam

Banking apps targeted in Brazil by a revamped trojan

November 25, 2021Nazifa Alam

How secure is

your business?

Security test
logo

© 2022 by Just Get Visible Ltd

Company Registered in England & Wales: 09882516

PrivacyCookieTerms of Service
twitterfacebookinstagram