What you need to know about the cyber exploitation bounty program, which is being offered by the United States Department of Defense.
The Defense Department is offering $2.5 million for information leading to the arrest and conviction of individuals who are responsible for exploiting vulnerabilities in the military’s command and control systems.
The information can include information that leads to the identity of individuals, organizations, or entities who are exploiting vulnerabilities or who are planning to exploit those vulnerabilities in a way that results in damage or death.
The department said the information collected through the program will be used to determine the identity, location, and status of the persons, organizations and entities who have engaged in the exploit development and exploitation of Department of Energy (DOE) systems, including cyber threat mitigation and information technology systems.
This program is being provided in cooperation with the FBI, the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), the Department on Veterans Affairs (VA), and other federal agencies and private sector organizations.
Information about the vulnerabilities that have been exploited in DOE systems is confidential and will be kept confidential.
Information provided by the department will be subject to the Privacy Act and will not be shared with the general public or disclosed to third parties.