Hackers filed more than 100 security vulnerability reports during the 29-day Hack the DTS (Defence Travel System) bug bounty initiative and amassed nearly US$ 80,000 (£60,183) for their efforts.
“DTS is relied on by DoD travelers. More than 9,500 sites operate worldwide, and the security of these systems is mission-critical,” Jack Messer, project lead at Defense Manpower Data Center (DMDC), said in a release. “The ‘Hack the DTS' challenge helped uncover vulnerabilities we wouldn't have found otherwise, complementing the great work DMDC is already doing to protect critical enterprise systems and the people those systems serve.”
The DTS challenge, which allowed the use of social engineering, is part of the Defense Department's Hack the Pentagon bug bounty program on the HackerOne platform. The initiative saw 19 hackers report 654 valid and unique vulnerabilities – 28 of which had critical or high severity ratings. The highest bounty awarded was US$ 5,000 (£3,762), with eight individual hackers reaping that pay out.