Singapore Launches Second Bug Bounty Program

Written by

The agency at the helm of Singapore’s digital services, the Government Technology Agency of Singapore (GovTech Singapore), announced that Singapore will be working with security researchers over the course of three weeks on a bug bounty program intended to further protect Singapore citizens and help secure public-facing government systems.

Singapore has established multiple cyber initiatives as part of its Smart Nation Singapore strategy. According to its website, the Strategic National Project aims “to drive pervasive adoption of digital and smart technologies throughout Singapore, we have identified key Strategic National Projects, which are key enablers in our Smart Nation drive.”

Among the goals of those key projects are enabling a lean, agile and future-ready government by implementing e-payment capabilities and delivering government services across different agencies to the citizens of Singapore. All of which hold the promise of convenience and efficiency but also present risks, which the government is proactively seeking to mitigate.

According to HackerOne, the crowdsourced platform with which GovTech Singapore has partnered, this is the country's second bug bounty program, which follows the successful endeavor of a bug bounty program with the Singapore Ministry of Defence (MINDEF) that ran earlier this year.

GovTech Singapore and the Cyber Security Agency of Singapore (CSA), aim to build a secure and resilient Smart Nation by leveraging access to local and overseas hackers through this collaboration with the hacker community as Singapore continues to undergo its digital transformation.

During the three-week challenge that will extend from December 2018 into January 2019, a select group of bug bounty hackers will receive financial payments, commonly called bounties, as a reward for identifying and reporting valid vulnerabilities to GovTech. The goal is for researchers to find security flaws in five public-facing government systems and websites so that GovTech may fix them before they are exploited by malicious actors.

"Singapore is again setting an example for the rest of the world to follow by taking decisive steps towards securing their vital digital assets," said Marten Mickos, CEO HackerOne. "Only governments that take cybersecurity seriously can reduce their risk of breach and interruption of digital systems. Singapore's continued commitment to collaboration in cybersecurity is something that will help propel the industry’s progress just as much as it will contribute to protecting Singapore citizen and resident data."

What’s hot on Infosecurity Magazine?