The Department of Homeland Security (DHS) announced a “bug bounty” program on December 14, 2021, called “Hack DHS.” Yes, you read that right. DHS is actually going to invite select cybersecurity “hackers” to try to hack into its systems. DHS created the program to “identify potential cybersecurity vulnerabilities within certain DHS systems and increase the Department’s cybersecurity resilience.” According to DHS, vetted cybersecurity researchers will be invited to access certain systems and identify vulnerabilities. The “hackers” will even be rewarded with “bounties” (payments) for any vulnerabilities they identify.
Hack DHS and other similar programs are possible as a result of the Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act, 41 U.S.C. §§1321-1328 commonly known as the SECURE Technology Act, which was enacted in 2018 to improve supply chain security