counter

Standard News

Hide Advertisement

Teen hacks Pentagon websites, gets thanked for finding ‘bugs’

News

 |  | By 
Advertisement - Continue reading below
An illustration picture shows projection of binary code on man holding aptop computer in Warsaw

By Idrees Ali

WASHINGTON (Reuters) – High school student David Dworken spent 10 to 15 hours between classes on his laptop, hacking U.S. Defense Department websites.

Advertisement

Instead of getting into trouble, the 18-year-old who graduated this week was one of two people praised by Secretary of Defense Ash Carter at the Pentagon on Friday for finding vulnerabilities before U.S. adversaries did.

“We know that state-sponsored actors and black-hat hackers want to challenge and exploit our networks … what we didn’t fully appreciate before this pilot was how many white hat hackers there are who want to make a difference,” Carter said at a ceremony where he also thanked Craig Arendt, a security consultant at Stratum Security.

More than 1,400 participants took part in a pilot project launched this year, and found 138 valid reports of vulnerabilities, the Pentagon said. The project invited hackers to test the cyber security of some public Defense Department websites.

The pilot project was limited to public websites and the hackers did not have access to highly sensitive areas.

The U.S. government has pointed the finger at China and Russia, saying they have tried to access government systems in the past.

The Pentagon said it paid a total of about $75,000 to the successful hackers, in amounts ranging from $100 to $15,000.

Dworken, who graduated on Monday from Maret high school in Washington, D.C., said he reported six vulnerabilities, but received no reward because they had already been reported.

However, Dworken said he had already been approached by recruiters about potential internships.

He said some of the bugs he found would have allowed others to display whatever they wanted on the websites and steal account information.

Dworken, who will study computer science at Northeastern University, said his first experience with finding vulnerabilities was in 10th grade when he found bugs on his school website.

“Hack the Pentagon” is modeled after similar competitions known as “bug bounties” conducted by U.S. companies to discover network security gaps.

The Pentagon said the pilot project cost $150,000, including the reward money, and several follow up initiatives were planned. This included creating a process so others could report vulnerabilities without fear of prosecution.

“It’s not a small sum, but if we had gone through the normal process of hiring an outside firm to do a security audit and vulnerability assessment, which is what we usually do, it would have cost us more than $1 million,” Carter said.

(Reporting by Idrees Ali; Editing by David Gregorio)

tagreuters.com2016binary_LYNXNPEC5G1IR-VIEWIMAGE

Previous Post
Next Post
Les destinations vacances qui sont décevantes en réalité
Les destinations vacances… notre besoin viscéral d’explorer et d’approfondir nos connaissances nous pousse à voyager dans ces lieux étrangers. De Venise au Machu Picchu, les destinations offrant aventures et authenticité ...
click here to read more
Advertisement - Continue reading below
Share 

Wet weather, traffic clog up Glastonbury Festival arrivals

U.S. urges colleges to limit hurdles for those with criminal records

Ex-U.S. House Speaker Hastert to report to prison June 22: judge

Harvard endowment to rely more on outside managers, cuts staff

Do You Think You Could Pass This Easy U.S. Citizenship Exam?

Canada top court rejects appeal in white supremacy probate case

New York City heightens security for Sunday’s gay pride parade

Hugely Popular Vacation Spots That Are Actually Very Disappointing

Georgia Man Surprises Florida Evacuees Stuck on Highway With Cookout

FBI says conducting 30 undisclosed insider trading probes
load more