The US Department of the Army and the U.S. Defense Digital Services were both hacked as much as 40 times since January 2021 by military-grade and civilian hackers, according to Forbes. However, while the first line may alarm you, you might feel better after learning that it was part of "Hack the Army 3.0," a "a “bug bounty” program that builds on the efforts of Army and Department of Defense security professionals in safeguarding DoD and Army networks, systems and data," according to the U.S. Department of the Army.
This program, which began in 2016, is in its third iteration, which offers cash prizes for civilian hackers "who discover and successfully report vulnerabilities." Yes, this is a giant vulnerability scan, used to discover weaknesses among networks carrying confidential information.
In order to participate, hackers had to go through a rigorous process since, of course, they were accessing military targets.
According to Forbes, 238 vulnerabilities were identified this round, more than the 146 found in 2019's 2.0 contest. Of those 238, 102 were critical security gaps.
Hack the Army is just one event as part of the Hack the Pentagon series.
"It’s been an exciting journey to chart the successes of the three Hack The Army initiatives and watching the hacking community help strengthen the nation’s cybersecurity defenses," said Alex Rice, co-founder of HackerOne, whom the Army partnered with for this exercise.