DHS expanding 'Hack DHS' program after discovering software vulnerability

Department of Homeland Security Secretary Alejandro Mayorkas | DHS.gov



Department of Homeland Security Secretary Alejandro Mayorkas has announced that his recently implemented “Hack DHS” program is being expanded after the discovery of a software issue that affects cybersecurity in government agencies as well as companies in the private sector.

As previously covered by Homeland Newswire, the Department of Homeland Security announced the beginning of a program where vetted and authorized hackers could work to find weaknesses and vulnerabilities in its cybersecurity systems. Successful hacks are rewarded with a bounty.

"In response to the recently discovered log4j vulnerabilities, @DHSgov is expanding the scope of our new #HackDHS bug bounty program and including additional incentives to find and patch log4j-related vulnerabilities in our systems," Mayorkas tweeted Dec. 21. "In partnership with vetted hackers, the federal government will continue to secure nationwide systems and increase shared cyber resilience."

On Dec. 13, CNN reported that Homeland Security officials had urged both government and private-sector officials to be on guard against hacks due to a "critical flaw in widely used software" known as log4j. Apple, Cloudflare, and Minecraft are all major companies that use the Java software with the log4j vulnerability.

According to DHS Cybersecurity and Infrastructure Security Agency Head Jen Easterly, the vulnerability is being used by an increasing number of hackers and the department has ordered federal agencies to update their software.

CNN reported that hackers could use the vulnerability to gain access to an organization's server and could even reach its whole network. It reported that the fallout could last for weeks.

Easterly told CNN that the agency will hold a call with infrastructure firms across the nation on Monday to address the issue.

GreyNoise Intelligence, a firm that monitors internet traffic, told CNN on Dec. 13 that the number of devices exploited had more than doubled over the course of one day. Founder Andrew Morris said “a lot of really important people are concerned.”
