FILE PHOTO: A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration/File Photo
SINGAPORE: Selected white hat hackers (computer security specialists) from around the world will test major Singapore Ministry of Defence (MINDEF) Internet-facing systems for vulnerabilities, and will receive rewards for doing so.
It is part of the just-announced MINDEF Bug Bounty Programme which will be conducted from Jan 15 to Feb 4 next year, involving eight selected Internet-facing systems.
“Cyber is a new battlefront. Singapore is constantly exposed to the increasing risk of cyber attacks, and MINDEF is an attractive target for malicious cyber activity,” said MINDEF’s Defence Cyber Chief, David Koh when visiting the Cyber Defence Test and Evaluation Centre earlier today.
“As hackers with malicious intent find new methods to breach networks, MINDEF must constantly evolve and improve its defences against cyber threats,” he said.
Emphasising the importance of strengthening Singapore’s cyber defences amidst this changing landscape, Koh added the programme, utilising crowd sourcing, was one such innovative and effective way of doing so.
“This is the first time that MINDEF is launching such a bold programme. White hat hackers participating in this programme will be given the mandate to ‘hack’ MINDEF, to find bugs in our major Internet-facing systems.
“For each valid and unique bug that the hacker finds, he will receive a bounty,” he said.
On the need for such a programme, he noted it was not possible to fully secure modern computer software systems as new vulnerabilities were discovered daily.
Due to the fast changing cyber landscape, no agency can keep up by itself. Hence, even large companies used this crowd sourcing approach which was effective and fast, said the defence cyber chief.
MINDEF has engaged HackerOne, a reputable international bug bounty company to run the programme.
According to MINDEF, white hat hackers are computer security specialists who break into protected systems and networks to test and assess their security.
These hackers use their skills to improve security by exposing vulnerabilities before malicious hackers, known as black hat hackers, can detect and exploit them. – Bernama