DoD Invites Lawful Hacking of .Mil Domains, Subject to Rules

One fresh military-wide policy formulated to make reports while rectify security flaws enables any kind of hacker seeking towards proving his courage for lawfully sharpening his dexterity on the Web along with cyber-weapons and tools he may own on whatever Web property the Department-of-Defense operates.

Security researchers frequently avoid reporting vulnerabilities in software programs alternatively security bugs they encounter because of apprehensions that the company bearing the vulnerability may decide filing hacking charges on them.

Ashton B. Carter, Defense Secretary who named the policy "see something, say something," to help in the digital world, stated that the program was set for enhancing the safety and security in connection with unclassified networks open to the public from Pentagon.

The military as well invited registration from hackers and researchers on November 21 to enroll in "Hack the Army," one kind of mettle-showing performance wherein they can scrutinize military websites for software bugs while compete to get bounty rewards valuing thousands of USDs.

However, that day, the DoD tried clarifying any confusion regarding the considerable presence of the army online, thus making possible both reporting within one centralized place about cyber-security bugs within the dot-mil area and one lawful safe host having perhaps public recognition to benefit security researchers who comply with certain basic rules. Krebsonsecurity.com posted this, November 23, 2016.

It's stated in the policy that reporting will be done via a standard scope for any DoD website. Data on security bugs reported will get utilized solely for defensive reasons such as plugging holes within the DoD's software/networks, else within vendors' software.

Also as per the policy, persons reporting flaws mustn't damage the network, compromise department employees' privacy, pull out data, alternatively, reveal vulnerability details except under the Pentagon's permission.

The department-of-defense stated that incase it could not instantly rectify else publicly confirm reported flaws such could be for avoiding any possible lethal consequences for the army workers.

The agency noted that several of its technologies were implemented within war-zones while backed ongoing military maneuvers. DoD required being very careful during analyzing vulnerabilities' impact while also providing their solutions; therefore, it urged for everyone's patience during the while.

» SPAMfighter News - 11/29/2016