The Hack the Pentagon beta bounty program is a new security program introduced by the Department of Defense. David Dworken is among the first participants on the program. This young white hat hacker got interested in computer software just recently and he has grown into a remarkable hacker. The high school graduate is an active participant in bounty programs like the one hosted by the DoD. Two years ago though, he was barely versed with computer terminology, let alone the skills to detect bugs in computers.
Dworken earned the invitation to the Pentagon after a successful submission. The DoD had invited 1400 participants in the Hack the Pentagon program where 138 of the participants who made successful bug report submissions were invited for a tour. After the Pentagon released the first results from the program, Dworken was confirmed to be among those who would make the tour. The recent graduate was thus lucky to not only tour the Pentagon but to also meet Ash Carter, the Secretary of Defense.
Dworken expressed his excitement with the events of the week. He pointed out that even though he had grown up in the Washington D.C area, he had never gotten the chance to visit the Pentagon. He was elated about meeting the Secretary of Defense. Dworken also expressed his disappointment with the fact that he did not earn any money. Even though the program made about $75,000 in payments, Dworken was not eligible to earn any of it because his reports were considered duplicates. Regardless, the 18-year-old was contented about the experience as a whole.
Pentagon hopes to cooperate with public
The Pentagon run this first beta program with the aim to improve the overall security of its websites that are visited by the public. The goal of the program is ultimately to both bring the community participation and also boost the security of the web properties. It is the first program of its kind where the public is given a chance at going to the government’s properties. As confirmed by Lisa Wiswell of the Department of Defense’s Defense Digital Service, the program is a sign of how the government has changed attitude when it comes to security issues.
There is no denying that most institutions are now treating cybersecurity issues with more seriousness. With most ordinary increasingly people using security tools from reputable providers like OpenVPN and with companies adopting new strategies, cybersecurity is no longer a peripheral affair in the modern world. Experts say that measure like the one taken by the DoD can only help the public be more open to collaborating with the government on cybersecurity issues without any fear. According to a McKinsey report, the government is obligated to treat cybersecurity issues with openness in order to succeed in combating insecurity.
Dworken hopes to continue honing his skills
The Pentagon program was facilitated by HackerOne, a platform that has been involved in various bug-bounty feats. Being part of the program for more than a year, Dworken has been able to make a couple thousand dollars as part of his efforts in detecting and identifying bugs in companies like Symantec, Western Union, and Uber among others. The first stint that Dworken had with bugs is when he identified a cross-site scripting bug at school. Dworken admits that his feat at the time sparked his interest in the cybersecurity world. He started focusing on identifying more bugs via online programs where he would be paid with small gifts, but it ultimately turned out to be a cash-rewarding experience.
Dworken heard about the Pentagon program via NPR and he was immediately interested. He was initially apprehensive about the scope of the program though. Admittedly, Dworken noted that the bugs he found on the Pentagon websites were quite common to those that exist in other sites where there are no bounty programs.
Dworken has his sights set in the cybersecurity world. He hopes to attend Northeastern University in Boston and pursue computer science. At the Department of Defence, Secretary Carter has indicated that the beta program will not be the last one. He reckoned that the DoD is actively seeking new ways to combat insecurity issues and collaborating with researchers is a big part of the process. The bug-bounty programs will thus expand to other areas in the DoD realm. For Dworken, he will be open to working with any programs that require his expertise.