Hack the Pentagon Exercise Finds Internal Cyber Weaknesses

The most recent iteration of the “Hack the Pentagon” program, which ended on Feb. 7, found numerous weaknesses in an internal DOD system for the first time, Bloomberg reported. California-based Synack Inc. was paid $4 million to conduct three years of “bug bounty” exercises to identify security lapses in DOD networks. In their first official attempt, the white hat hackers breached a file transfer system “within hours,” according to the Department Digital Service. The DOD uses the system to send “sensitive e-mails, documents, and images between networks, including classified ones,” according to Bloomberg. One of the exercise participants found that “parts of the system appeared to have been well designed,” but that “other parts were quite weak.” Throughout the exercise, the hired cyber security experts were working on a simulated version of the real DOD network, and Department officials said the problem spots were already being fixed.