Whitehat hackers found 35 flaws in Singapore’s Defence Ministry systems
Singapore’s Ministry of National Defense announced the launch of a Bug Bounty late last year, hiring leaked white hat hackers to “attack” the Singapore Department of Defense’s eight important systems for connecting to the Internet. According to Singapore’s Straitstimes, February 21, over 200 experts at home and abroad “invaded” the Singapore Department of Defense’s network system and found 35 flaws in a matter of three weeks, receiving about $19,500 in prize money.
The Bug Bounty Program open to the hacker to attack and find the bug in eight vital systems that were connected to the Internet, including the Department of Defense website, the National Service Web site, and the use of the I-net system for Defense and the Armed Forces of Singapore Personnel online email service. A total of 264 white hat hackers took part in the project from January 15 to February 4 this year, 100 of them from the local white hat hacker community.
© User:Colin / Wikimedia Commons, via Wikimedia Commons
The term “white hat” in Internet slang refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies to ensure the security of an organization’s information systems. Ethical hacking is a term coined by IBM meant to imply a broader category than just penetration testing. Contrasted with black hat, a malicious hacker, the name comes from Western films, where heroic and antagonistic cowboys might traditionally wear a white and a black hat respectively.
White-hat hackers may also work in teams called “sneakers“, red teams, or tiger teams.
During the three-week event, these white hat hackers caught 35 flaws, and Singapore’s Ministry of National Defense issued a total of $14,750. The bonus amount for each loophole ranges from $250 to $2,000, depending on the complexity and criticality of finding the flaws.