GovTech Singapore Resolved 26 Security Weaknesses and Awarded Global
Hacker Community Over $11,000 for Contributing to a More Secure and
Resilient Smart Nation

SINGAPORE–(BUSINESS WIRE)–HackerOne,
the leading hacker-powered security platform, Singapore’s Government
Technology Agency (GovTech) and Cyber
Security Agency of Singapore (CSA) today announced the successful
conclusion of the latest Government Bug Bounty Programme (GBBP), part of
the Singapore Government’s ongoing initiative to build a secure and
resilient Smart Nation. During the three week hacking challenge, more
than 400 hackers globally were invited to look for security weaknesses
in the Singapore Government’s digital assets. As a result, hackers
earned $11,750 in exchange for reporting 26 valid security weaknesses to
GovTech so they could be safely fixed. Through their bug bounty
programme Singapore is improving the security of its internet-facing
government systems with help from hackers.

The GBBP ran from 27 December 2018 to 16 January 2019 and welcomed 400
ethical hackers to test five internet-facing government systems. Of the
26 valid vulnerabilities reported through the GBBP on HackerOne, seven
were considered low severity, 18 were medium severity, and one was high
severity. One-quarter of all participating hackers and seven out of the
top 10 hackers who earned bounties were from Singapore. Following these
successful programs, GovTech and CSA plan to expand the next edition of
the GBBP to include more Government internet-connected systems and
websites.

“National security cannot exist without cybersecurity,” said Marten
Mickos, CEO of HackerOne. “The Singapore Government has fully realized
this. They are governmental pioneers in safeguarding vital internet
connected systems with the help of an army of over 300,000 ethical
hackers. They realize that bug bounty programs allow us to bring the
best minds together to counter the risks of today’s cyber environment.”

This is the Singapore government’s second successful bug bounty
programme with industry leader HackerOne, following the first bug bounty
programme by the Singapore Ministry of Defence (MINDEF). By bringing
together a community of cyber defenders who share the common goal of
developing a safe and resilient cyberspace, the GBBP builds collective
ownership over the cybersecurity of Government systems and websites,
which is vital to achieve Singapore’s Smart Nation goals.

HackerOne was selected to manage the bug bounty programme because of its
largest credentialled global ethical hacker community and proven results
with MINDEF and proven track record of success with governments
globally. GovTech and MINDEF join government agencies like the U.S.
Department of Defense, U.S. General Service Administration, and the
European Commission who partner with HackerOne to find their critical
security vulnerabilities with help from the global hacker community.

About Government Technology Agency

The Government Technology Agency of Singapore (GovTech) is the lead
agency driving Singapore’s Smart Nation initiative and public sector
digital transformation. As the Centre of Excellence for Infocomm
Technology and Smart Systems (ICT & SS), GovTech develops the Singapore
Government’s capabilities in Data Science & Artificial Intelligence,
Application Development, Sensors & IoT, Digital Infrastructure, and
Cybersecurity.

GovTech supports public agencies to manage enterprise IT operations and
develop new digital products for citizens and businesses. GovTech is the
public sector lead for cybersecurity, and oversees key government ICT
infrastructure, as well as regulates ICT procurement, data protection
and security in the public sector. GovTech is a Statutory Board under
the Smart Nation and Digital Government Group (SNDGG) in the Prime
Minister’s Office.

For more information, please visit www.tech.gov.sg.

About the Cyber Security Agency of Singapore

The Cyber Security Agency of Singapore (CSA) provides dedicated and
centralised oversight of national cybersecurity functions, and works
with sector leads to protect Singapore’s critical services. It also
engages with various industries, and stakeholders to heighten
cybersecurity awareness as well as to ensure the holistic development of
Singapore’s cyber security landscape. The Agency is part of the Prime
Minister’s Office and is managed by the Ministry of Communications and
Information.

For more information, please visit www.csa.gov.sg.

About HackerOne

HackerOne is the #1 hacker-powered
security platform, helping organizations find and fix critical
vulnerabilities before they can be exploited. More Fortune 500 and
Forbes Global 1000 companies trust HackerOne than any other
hacker-powered security alternative. The U.S. Department of Defense,
General Motors, Google, Twitter, GitHub, Nintendo, Lufthansa, Panasonic
Avionics, Qualcomm, Starbucks, Dropbox, Intel, the CERT Coordination
Center and over 1,200 other organizations have partnered with HackerOne
to find over 100,000 vulnerabilities and award over $47M in bug
bounties. HackerOne is headquartered in San Francisco with offices
in London, New York, the Netherlands, and Singapore.

Contacts

Katrina Dene
HackerOne
[email protected]