Defense Dept Drops Legal Threat On Hackers Who Report Bugs
November 24, 2016
In an effort to improve the Pentagon’s unclassified, public-facing networks, the Defense Department this week unveiled a new policy that would allow hackers to report bugs or flaws without fear of prosecution. The Army also opened registration this week for Hack the Army, an effort to allow hackers and researchers to scour Army websites looking for software flaws. In the past, such reporting could lead to charges under the Computer Fraud and Abuse Act. “This is a historic moment for hackers and the U.S. government,” Katie Moussouris, founder of Luta Security, told the Washington Post. “For the first time since hacking became a felony offense over 30 years ago, the Department of Defense has now opened the doors for ongoing vulnerability disclosure from helpful hackers who want to help secure these systems without fear of legal prosecution.” The new policy grew out of a Hack the Pentagon event held earlier this year, in which about 250 people found and submitted flaws in Pentagon sites. In recent years, Pentagon email systems have been infiltrated, including that of the Secretary of Defense and the Joint Chiefs of Staff. In 2008, the department’s classified network was compromised in an operation thought to have Russian ties.
Read full article at:
Daily Updates
Sign up for our free daily newsletter for the latest news and business legal developments.