Singapore hit by a wave of severe hacking attacks between December 2018 and early January of the following year, called upon the expertise of ethical, or ‘white hat’, hackers. In a bid to reinforce the city-state’s cybersecurity measures, Singaporean officials decided to adopt an unconventional strategy – turning potential adversaries into allies. This methodological paradigm shift in the face of digital threats led to the birth of the Singapore Hackers initiative.
To ensure the government’s security systems were well protected, the city-state sought the help of hackers. Singaporean officials approached those who call themselves ‘white hat’ or ethical hackers and not those on the wanted list or involved in criminal activities.
The Singapore Hacker initiative was orchestrated by the city-state’s Government Technology Agency (GovTech) and Cyber Security Agency (CSA). Their mission was simple: to engage the services of local and overseas hackers in identifying weaknesses in the online platforms of five government agencies.
This wasn’t Singapore’s first tryst with such a project – a similar initiative was previously launched by the Ministry of Defence.
To be part of the team, the white hat hackers need to register and highlight their expertise as they are being validated by HackerOne, a US-based bug bounty firm responsible for the program execution.
Based on reports, recruited white hat hackers are provided with a contract and told not to leak any data of potential vulnerabilities in Singapore’s systems.
As cited in a joint statement from the three companies, GovTech, CSA, and HackerOne, 25% of the hackers who participated were Singapore-based.
The report added, that of the top 10 hackers in the project, seven were from Singapore.
During the three-week period, the hackers found a total of 26 bugs. Based on the records, seven were at ‘low’ severity status, 18 were at ‘medium’ level, and one was at ‘high’ risk.
As payment, the government paid US$11,750 (S$15,927) to the hackers who identified the 26 bugs. The remuneration was given based on the severity of the bug ranging from S$250 to US$10,000.
Janil Puthucheary, the senior minister of State for Communications and Information, extended his gratitude towards the local cybersecurity community for their contribution to the initiative during the Committee of Supply Debate. The joint statement concluded with the hope of extending this program to cover more systems and government websites in the future.
The Singapore Hacker initiative exemplifies the government’s resilient and innovative approach to cybersecurity. It is a testament to their commitment to fortify their digital presence by effectively transforming potential threats into cybersecurity assets.
Read also:
The importance of increasing cybersecurity – Singapore News
Cooperation among cybersecurity experts is vital to combat emerging threats – Singapore News
According to a cybersecurity firm, WhatsApp flaws allow hackers to alter messages – Singapore News