U.S. Air Force Runs Hacking Tests to Discover Vulnerabilities in its Websites

The test namely Hack the Air Force 2.0, of late, resulted in security researchers identifying more than 106 security flaws affecting more than 300 public websites belonging to the U.S. Air Force. Fifty five of these vulnerabilities came to be noticed in December when the live inaugural function took place inside New York. A particular vulnerability as well helped its discoverer get USD12,500 worth bug bounty. This amount is the biggest award in bug bounty that any federal program paid.

USA's DoD (Department of Defense) crowd-sourced Internet safety program "Hack the Pentagon" constitutes Hack the Air force 2.0. The program was introduced during 2016. Nations, including UK, Canada, USA, Netherlands, Sweden, Latvia and Belgium, among others took part within the second Hack the Air Force mass hacks. This federal hackathon though a huge expenditure, comparatively Google expended USD112,500 for paying one lone hacker in 2017 for a single vulnerability alone. Wccftech.com posted this, February 20, 2018.

Authorities invited white-hat hackers for exploiting the computer systems of USAF earlier also when the foremost workable Hack the Air Force test, which got executed during 30th May, 2017-23rd June, 2017, led to the reporting of 207 valid security flaws. The hackers mainly attacked websites that are regarded as "operationally significant."

Security flaws, which sophisticated security products, especially scanners, can't detect are faster as well as more economically optimum discoveries of ethical hackers. Possibly in case hackers of North Korea and Russia came to the function, still more security problems might've gotten found.

As per DoD, more than 3,000 security flaws are now fixed from the time of introduction of foremost federal initiative of bug disclosure of 2016 within the ambit of Hack the Pentagon initiative. Till date, government has expended more than USD233,000 in awards for the initiative.

Peter Kim CISO of Air force stated the particular armed forces wing continuously strengthened its attack surfaces via referring to the discoveries of the earlier test, while incorporated lessons learnt from the current test. The act reinforced Air Force's ongoing work towards enhancement of cyber defenses, while creating important and long lasting connections with dexterous security researchers, he explained.

» SPAMfighter News - 2/26/2018