Singapore’s Ministry of Defence (MINDEF) is inviting 400 white-hat hackers to find vulnerabilities in its systems, as part of a three-week program hosted on hacker-powered pentesting and bug bounty platform HackerOne.
Running from September 30, 2019 to October 21, 2019, the three-week challenge targets 11 government-owned resources, including websites and public digital systems belonging to MINDEF/Singapore Armed Forces (SAF) and other defense agencies.
MINDEF seeks to improve the security stance of these systems by inviting hackers to test them for security weaknesses so they can be patched. This year, the challenge also focuses on personal data protection.
This is the second bug bounty program that MINDEF has run on HackerOne. The first one resulted in 35 security weaknesses being addressed.
As part of this year’s challenge, the agency is inviting 400 individuals to participate (up from 300 for last year’s challenge), and says that 200 of them are based locally in Singapore.
The monetary rewards offered throughout this challenge range from $150 to $10,000, depending on the severity of the discovered security issues. MINDEF promises additional bug bounties for the discovery of vulnerabilities that could result in the loss of personal data.
The worldwide perception around hackers has improved recently, and entities from all sectors, including government agencies and Fortune 500 companies, are launching hacker-powered programs to improve the security of their systems.
According to HackerOne, the European Commission and the U.S. Department of Defense are among those to have already launched hacker-powered security programs, HackerOne.
In its 2019 Hacker-Powered Security Report, HackerOne revealed that six white-hat hackers have already earned over $1 million in lifetime earnings from bug bounties.
“We want to applaud MINDEF for being one of the first few government agencies to embrace such a forward-thinking approach to security. MINDEF’s continued investment in hacker-powered security exemplifies the value governments and companies see from partnering with the hacker community to reduce risks,” Fifi Handayani, MINDEF’s Program Manager at HackerOne, said.
HackerOne has an office in Singapore, which it opened earlier this year to meet growing demand in the Asia Pacific region. MINDEF, GovTech, National University of Singapore, Toyota, Nintendo and Grab are only some of the customers in the region to have already launched programs with the platform.
Singapore is host to the APAC edition of SecurityWeek’s ICS Cyber Security Conference, an event dedicated to serving critical infrastructure and industrial Internet stakeholders in the APAC region.