Skip to Content

The Air Force’s New Mission: Pay Friendly Hackers

Lockheed Martin F-35 Fighter Jet Test Flights At Hill Air Force BaseLockheed Martin F-35 Fighter Jet Test Flights At Hill Air Force Base
A Lockheed Martin Corp. F-35A jet flies during a training mission in Hill Air Force Base, Utah, U.S., on Friday, Oct. 21, 2016. George Frey Bloomberg via Getty Images

A new Air Force program called “Hack the Air Force” invites hackers to find vulnerabilities in that military branch’s computer systems—and pays cash prizes to those who succeed.

Modeled on last year’s successful “Hack the Pentagon” program, the Air Force initiative shows how the U.S. Armed Forces have come to embrace so-called bug bounty programs, which are used by many tech companies to incentivize hackers to find vulnerabilities.

Bug bounties used to be controversial because some feared they could paint a target on an organization’s computer systems. But today, the vast majority of security professionals consider the programs to be crucial sources of information that let them find and fix bugs before they are exploited by criminals.

“We have malicious hackers trying to get into our systems every day. It will be nice to have friendly hackers taking a shot and, most importantly, showing us how to improve our cybersecurity and defense posture,” said Peter Kim, the Air Force’s chief information security officer, said in a statement announcing the program.

Get Data Sheet, Fortune‘s technology newsletter.

In a phone call with Fortune, Kim explained that “Hack the Air Force” won’t involve weapons systems or other high security operations. Instead, it will focus on so-called “public facing” systems, which may include recruitment websites or other highly visible sites.

“If there’s anything that keeps me up at night, it’s the security of public facing websites and things the public can see. I want the sites probed and exploits found, and reported to me,” said Kim.

The Air Force has not specified how much it will pay in reward money, merely saying that the amounts will be “competitive.” In the case of “Hack the Pentagon,” the Defense Department paid out $75,000 in total with prizes ranging from $100 to $15,000, according to HackerOne, a company that helps administer the bug bounty programs.

One interesting twist of the Air Force’s hacking program is that it will be eligible to citizens of certain U.S. allies: United Kingdom, Canada, Australia, and New Zealand. So-called white hat hackers, or friendly hackers from these countries will be able to join in when the program kicks off on May 30.

“Every business or organization has a finite amount of time and specialized skills necessary to find vulnerabilities within their networks, but when you open them up to such a diverse group you get amazing results at low cost,” said Chris Lynch of the Defense Digital Service, an an industry group that is assisting with the Defense Department hacking programs.