The Contracting Education Academy

Contracting Academy Logo
You are here: Home / Archives for hack

By

‘Hack the Pentagon’: Will DoD’s bug bounty program attract top talent?

Challenged by hackers and staffing shortages, the Pentagon is inviting plainclothes techies to a competition where they can poke around military code for security bugs.

The idea is to find and fix vulnerabilities unknowingly inserted in software before the bad guys do.

pentagon-sealThe contest draws inspiration from “bug bounty” programs in the private sector open to hobbyists and professional penetration testers. Microsoft, for instance, offers a reward of up to $100,000 for attacking its software. General Motors earlier this year launched a car-hacking program that seeks glitch reports but doesn’t yet pay for them.

The military’s new “Hack the Pentagon” program, unveiled Wednesday, potentially could offer cash prizes, according to a Defense Department announcement. Perhaps some of those bucks could come from the nearly $7 billion Pentagon Secretary Ash Carter expects to spend on cybersecurity in 2017.

Keep reading this article at: http://www.nextgov.com/cybersecurity/2016/03/pentagon-launches-open-contest-hack-military-websites/126383/

By

OPM’s post-hack contract broke rules and put millions of dollars at risk

In the rush to award a $20 million contract for identity-theft protection services in the wake of a massive data breach, Office of Personnel Management contracting staff violated federal contracting rules, lost track of paperwork and failed to properly secure an independent cost estimate of the contract, according to a newly published review by the agency’s inspector general.

OPMA summary of the IG’s findings was previously included in a memo to acting OPM Director Beth Cobert last month. However, the full report, dated Dec. 2 and posted online today, provides more detail about the shortcuts OPM contracting staff to award the contract.

OPM IG Patrick McFarland said his office was unable to determine whether the deficiencies were significant enough to affect the actual awarding of the contract. However, the missteps his office identified “increased the risk of making an improper award,” he wrote in the new review.

Keep reading this article at: http://www.nextgov.com/cybersecurity/2015/12/opm-rushed-award-20m-post-hack-contract-and-ran-afoul-federal-contracting-rules-ig-says/124369

By

Pentagon contractors rank below retailers and banks when it comes to cybersecurity

After revelations that a compromised contractor login abetted a grandiose breach of federal employees’ background investigations, now comes word that Defense Department suppliers score below hacked retailers when it comes to cyber defense.

pentagon-sealThe new industry-developed cyber rankings — and the recent Office of Personnel Management hack — raise questions about the extent to which cybersecurity is a shared responsibility between government agencies and contractors.

“You can write a contract requiring somebody to do something. The question is, how do you enforce it? And if it’s broken, what are the penalties? That’s what DOD is really struggling with,” said Jacob Olcott, vice president of business development at BitSight Technologies, which rates firms’ susceptibility to hacks. “If you are the only organization that’s building an F-35, there is only so much that the government can demand of you.”

Keep reading this article at: http://www.nextgov.com/cybersecurity/2015/07/pentagon-contractors-ranked-below-retailers-and-banks-when-it-comes-cybersecurity/116899

By

China hacks U.S. military transport contractors

Chinese military hackers successfully breached the systems of several transportation companies that do important work for the military, according to a new Senate Armed Services Committee report released last Wednesday, September 17, 2014.

U.S. Transportation Command, or TRANSCOM, is the outfit that moves troops and equipment. The command relies on a network of private companies large and small.

The heavily-redacted report outlines more than 20 successful intrusions on behalf of the Chinese government. “These are just those intrusions of which TRANSCOM is aware,” the report states.

The hacks outlined occurred between 2008 and 2013, but most occurred in 2012. The Chinese hackers stole emails, documents, compromised “multiple systems” of ships, obtained credentials, personal identification numbers and passwords for encrypted email and, through a phishing scam, convinced someone working at a TRANSCOM contracting air company to download an email with malware onto the airline’s network.

Keep reading this article at: http://www.defenseone.com/technology/2014/09/china-hacks-us-military-transport-contractors/94445/

 

Contracting Academy Logo
75 Fifth Street, NW, Suite 300
Atlanta, GA 30308
info@ContractingAcademy.gatech.edu
Phone: 404-894-6109
Fax: 404-410-6885

RSS Twitter