“Hack the Army 2.0″ Event Uncovers Critical Flaws in US Online Assets


Recently the US Army websites got hacked between October 9th and November 15th, 2019.  The hack was carried out by a total of 52 hackers in total. This is not as bad as it sounds. A spokesperson from the U.S. Department of Defense Digital Service said that hacking actually strengthens the cyber security infrastructure. The statement was made because the 52 hackers that hacked US Army website were part of the second “Hack the Army” event that took place for the second time. The first edition was held in 2016.  It might sound strange or even a crazy idea, to let hackers hack platforms for any organizations, let alone the US Army. Threat actors and hackers are always looking for loopholes in the security infrastructure, so that create havoc and mess and steal data from database. The sole purpose is to create disruption and create chaos inside the cyber security infrastructure. Only recently, the United States warned organizations to upgrade their cyber security infrastructure when Cyberattacks hit the New York airport and the City of New Orleans. Both the incidents were related to Ransomware attacks. The second edition of the “Hack the Army” actually is the joint venture between the U.S. Department of Defense, the Defense Digital Service and the Hacker One bug bounty platform.

Image Source: i0.wp.com

Hacker One actually is hacker powered penetration testing and vulnerability discovery platform that has made skillful hackers made popular and rich. One of the hackers that participated even managed to hack the platform itself; such is the skill and the talent of the hacker. The point of the platform, and the reasoning behind Hack the Army, is to uncover flaws and bugs that could leave an organization, in this case the U.S. Army, vulnerable to attack from less principled hackers including nation-state adversaries such as Iran. To test the skills of the participating hackers the United States Army made available 60 online assets that were left publicly exposed. This was intentional done because hackers and threat actors often target device that are left exposed because they are in the public domain accessed by everyone. The entire event was organized by the US Army and it was for a period of five weeks. These included the army.mil and goarmy.com web domains and the Arlington Cemetery website. The 52 hackers, from countries including the U.S., Canada, Germany and Romania, reported a total of 146 validated vulnerabilities in all.

Image Source: encrypted-tbn0.gstatic.com

According to media reports the bounty awarded by the US Army was an astounding amount of $275,000, which was given to hackers for their participation and efforts. The highest award was to the tune of $20,000 which is approximately 15,300 Euros. According to the Alex Romero, digital service expert at the Department of Defense, Defense Digital Service said that participation of hackers is essential as it bolsters the security infrastructure and make its robust, resilient from future cyber attacks carried out by threat actors. One of the most talented hackers was Alyssa Herrera who had revealed the most number of vulnerability in the defense website.  She told that, she immensely glad and happy that it was part of her contribution that made the difference in solidifying the defense cyber infrastructure. She also said that these kinds of events are the most waited hacking event that aspiring hackers wait for in the calendar year.  The first Hack the Army was held 3 years back which brought to surface around 118 vulnerabilities that could have been exploited by hacker through their sharp skills and malicious code that can easily penetrate public systems.

Source: Forbes

Disclaimer: Darkweblink.com does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither Darkweblink.com nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation with the reliance on or usage of any content, goods or services mentioned in this article.

Tags: #Darknet #.onion_Sites_Links #Deep_Web_Links_and_Web_Sites #Dark_Web_Links_Hidden_Wiki #Dark_net_Links


Please enter your comment!
Please enter your name here