Singapore again asks hackers to break into MinDef network

HackerOne, the hacker-powered penetration testing and bug bounty platform, will be conducting its second bug bounty program with Singapore’s Ministry of Defence (MinDef).

The three-week challenge will run until October 21, and will bring together trusted hackers from around the world to test 11 government-owned targets, including websites and public digital systems belonging to MinDef/Singapore Armed Forces and other agencies in the defence sector.

Hackers will search these systems for security weaknesses so they can be safely resolved and therefore, enhance the safety and security of these systems. This year’s bug bounty challenge also has an added focus on personal data protection. 

For this second outing, there were hackers to 400 individuals invited, with 200 based locally in Singapore — doubling the local talent invited. 

Throughout the challenge, hackers will have the opportunity to earn bounties — monetary awards for successful vulnerability findings — ranging from $150 to $10,000 based on the severity of the vulnerabilities discovered.

Additional bounties will be awarded for the discovery of vulnerabilities that could result in the loss of personal data. 

Fifi Handayani, MinDef’s Program Manager at HackerOne, said MinDef’s continued investment in hacker-powered security exemplifies the value governments and companies see from partnering with the hacker community to reduce risks. 

This challenge occurs against the backdrop of an evolution in the global perception of hackers, where everyone from government agencies to Fortune 500 companies is embracing the positive power of hacking for good. Policymakers across the globe are recommending hacker-powered security, with some even introducing legislation.

Government agencies like the European Commission and the United States Department of Defense are launching hacker-powered security programs resulting in 214% industry-wide growth on HackerOne. The Cyber Security Advisory Panel of the Monetary Authority of Singapore has also recommended financial institutions adopt bug bounty programs as part of their cyber testing.

According to HackerOne’s 2019 Hacker-Powered Security Report, organisations based in Singapore, including the National University of Singapore and GovTech, have awarded hackers more than $270,000 in bug bounties, the highest volume in the Asia-Pacific region.