House Lawmakers Introduce Hack the State Department Bug Bounty Bill

ChromaWise/Shutterstock.com

Featured eBooks

The Government's Artificial Intelligence Reality
What’s Next for Federal Customer Experience
What's Next for Government Data

The bill would offer cash rewards for vulnerabilities hackers discover in State Department websites.

Non-government security researchers would receive cash prizes for finding hackable vulnerabilities in State Department websites under legislation introduced Wednesday.

The Hack Your State Department bill from Reps. Ted Lieu, D-Calif., and Ted Yoho, R-Fla., follows a string of pilot “bug bounty” programs in the Pentagon, Army and Air Force. The General Services Administration’s Technology Transformation Service has also offered a bug bounty.

Lieu also introduced a bug bounty bill for the Homeland Security Department. A Senate version of that bill was included in a department reauthorization bill that passed the committee this month.

Bug bounties have become common at large tech companies but are only recently hitting their stride at non-tech firms and in government.

The State Department bill does not include an appropriation to cover the bug bounty’s costs.

The bill requires a report within six months, and annually thereafter, about how many vulnerabilities outside researchers discover, how severe they are and how quickly the State Department fixes them.