Hack The DHS: Senate Bill Would Encourage Hackers To Help Improve Security Of Department Of Homeland Security
A bill introduced in the U.S. Senate would offer rewards to hackers who report security vulnerabilities in the computer networks and systems of the Department of Homeland Security.
The Hack DHS Act, also known as S. 1281, would follow in the footsteps of other government bug bounty programs to ensure the safety of DHS websites and data systems by enlisting the help of white hat hackers who can find flaws that require fixing.
Read: Hack The Air Force: US Military Launches Bug Bounty Program For Air Force
The bill, sponsored by Sen. Maggie Hassan, D-N.H., and co-sponsored by Sens. Rob Portman, R-Ohio, Claire McCaskill, D-Mo., and Kamala Harris, D-Calif., borrows from previous, similar programs that have been launched by government agencies and branches of the military including the Army, Air Force and Pentagon.
Details on the program itself, such as rewards for bounties, are not listed in the bill. Previous programs have used HackerOne, a popular vulnerability reporting platform that is used by many tech companies that offer similar programs to improve security.
“Federal agencies like DHS are under assault every day from cyberattacks. These attacks threaten the safety, security and privacy of millions of Americans, and in order to protect DHS and the American people from these threats, the Department will need help,” Hassan said in a statement.
Hassan said the Hack DHS Act would draw upon an untapped resource: “Patriotic and ethical hackers across the country who want to stop these threats before they endanger their fellow citizens.” The senator promised the bill would be a bipartisan effort designed to improve the overall security of government systems.
Read: Pentagon Launches Bug Bounty Program To Improve US Government Cybersecurity
“The networks and systems at DHS are vital to our nation’s security. It’s imperative that we take every step to protect DHS from the many cyber attacks they face every day,” Portman said in a statement. “One step to do that is using an important tool from the private sector: incentivizing ethical hackers to find vulnerabilities before others do.”
Earlier this year, the U.S. Air Force introduced its Hack the Air Force program that encouraged hackers to take aim at the security of the military branch’s public-facing systems. The bug bounty program promised to pay participants for any reported security holes discovered.
Hack the Air Force, which opened for submissions at the end of March, marked the first occasion the U.S. military allowed non-U.S.-resident hackers to participate. Foreign participants have to be in the United Kingdom, Canada, New Zealand or Australia — close allies who are part of the “Five Eyes” agreement for intelligence sharing.
Prior to the Hack the Air Force program, the first cybersecurity defense initiatives — Hack the Pentagon — was launched by the Defense Digital Service in April 2016. The first bug bounty program run by the federal government, Hack the Pentagon attracted 1,400 registrants and received nearly 200 reports within the first six hours of its existence. It has paid out $75,000 in bounties.
© Copyright IBTimes 2024. All rights reserved.