‘Hack the Air Force’ invites vetted attackers to test its public Web sites The U.S. military, which continues its interest in bug bounty programs as a way to improve cybersecurity, is launching a new contest next month.Called “Hack the Air Force,” the new program will put certain of the branch’s Web sites up as targets for a set of international hackers who have been vetted by HackerOne, which is running the program.+More on Network World: IBM: Financial services industry bombarded by malware, security threats+The new contest follows on the Hack the Pentagon program last year that netted 138 vulnerabilities, and Hack the Army, which netted 118. The new contest is open to researchers from the U.S., Canada, the U.K., Australia and New Zealand who have been vetted by HackerOne. The countries make up the Five Eyes intelligence alliance that monitors communications worldwide. Registration starts May 15.“We have malicious hackers trying to get into our systems every day,” says Air Force Chief Information Security Officer Peter Kim. “It will be nice to have friendly hackers taking a shot and, most importantly, showing us how to improve our cybersecurity and defense posture.” In addition to these programs, the Department of Defense may launch another program that targets not Web sites but DoD infrastructure such as sensors in heating systems, according to Nextgov. This physical infrastructure can be exposed to the internet, which leaves it open to possible attacks.The possibility of a bounty program against these systems was raised this week by Daryl Haegley, who is the program manager for the Office of the Assistant Secretary of Defense for Energy, Installations and Environment.He says he is trying to get senior officials to buy into such a plan, Nextgov says.Visits to 15 military sites found that 75% of devices in control systems run unsupported operating systems including Windows XP, Windows 98 and Windows 95, the report says.The Hack the Pentagon program paid out a total of $75,000 to researchers who discovered vulnerabilities, with the individual prizes ranging from $1 to $15,000.HackerOne hasn’t announced what the prize range is for Hack the Air Force. Related content news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Regulation Regulation news UK data regulator warns that data breaches put abuse victims’ lives at risk The UK Information Commissioner’s Office has reprimanded seven organizations in the past 14 months for data breaches affecting victims of domestic abuse. By Michael Hill Sep 28, 2023 3 mins Electronic Health Records Data Breach Government news EchoMark releases watermarking solution to secure private communications, detect insider threats Enterprise-grade software embeds AI-driven, forensic watermarking in emails and documents to pinpoint potential insider risks By Michael Hill Sep 28, 2023 4 mins Communications Security Threat and Vulnerability Management Security Software news SpecterOps to use in-house approximation to test for global attack variations The new offering uses atomic tests and in-house approximation in purple team assessment to test all known techniques of an attack. By Shweta Sharma Sep 28, 2023 3 mins Penetration Testing Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe