Singapore agencies partner with white hackers to uncover gov't systems vulnerabilities

For three weeks ethical hackers will search for vulnerabilities in five selected internet-facing government systems and websites

Credit: Christina Morillo

On 21 December, the Government Technology Agency (GovTech) and Cyber Security Agency (CSA) of Singapore announced a partnership with local and international hackers on a Government Bug Bounty Programme (GBBP) that will run from December 2018 to January 2019.

The programme was initially announced during this year’s edition of the Singapore International Cyber Week (SICW), which saw the participation of S Iswaran, Singapore’s Minister for Communications and Information and Minister-in-charge of Cybersecurity.

Under the GBBP, so-called ‘white hat’ hackers, or ethical hackers, will be invited to search for and uncover vulnerabilities in internet-facing government ICT systems.

In return they will receive monetary rewards which can range from US$250 to US$10,000, depending on the severity of the ‘bug’ discovered by the hackers.

Discovered ‘bugs’ will be reported to the organisation for remediation.

The GBBP will run over a period of three weeks, and involves five selected internet-facing government systems and websites with high user touchpoints, namely website, REACH website, Ministry of Communications & Information’s Press Accreditation Card (PAC) Online, Ministry of Foreign Affairs (MFA) website, and MFA eRegister.

GovTech and CSA will be partnering HackerOne, the world’s largest community of cybersecurity researchers and white hat hackers, for the GBBP.

HackerOne successfully organised the Ministry of Defence’s first BBP earlier this year.

According to the join announcement, the GBBP is part of the Singapore government’s ongoing efforts to build a secure and resilient smart nation.

Key findings from the GBBP will be shared in March 2019.

The GBBP will be expanded to include more Government ICT systems/websites in future.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about CSATechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Brand Page

Stories by By CIO Asia Staff

Latest Videos

More videos

Blog Posts