Home > Cybersecurity > 31 Vulnerabilities Found On S’pore Government Platform By GovTech Programme

31 Vulnerabilities Found On S’pore Government Platform By GovTech Programme

In conjunction with the Cyber Security Agency of Singapore (CSA) and HackerOne, the Singapore Government Technology Agency (GovTech) launched the second Government Bug Bounty Programme (BBP) held between 8 July to 28 July 2019.

Concurrently, GovTech has launched a Vulnerability Disclosure Programme (VDP) on the HackerOne platform, which will make it easier for members of the public to report vulnerabilities on all existing government e-platforms.

300 white hat hackers from around the world participated in the BBP, incentivised by cash bounties. In total, 31 vulnerabilities were discovered, with USD 25,950 awarded in bounties to successful hackers.

Of the 31 vulnerabilities, four were deemed “high severity”, with the remaining 27 listed as “medium/low severity”.

Although only a quarter of the 300 participants were Singaporeans, local hackers made up seven out of the top ten hackers. The top performer was @spaceraccoon, a 24-year old Singaporean who discovered nine vulnerabilities for a total of USD 8,500 in bounty payouts.

The VDP is an integral part of the government’s push toward its Smart Nation initiative. With systems going online for greater convenience, efficiency and ease of use, abuses have resulted in the personal data of citizens being compromised by security loopholes.

A third government-initiated BBP will be held in November 2019 to further

Ian Ling
Ian is the resident Tech Monkey and Head of Content at VR Zone. His training in Economics and Political Science is at the basis of his love for journalism and storytelling. A photographer by passion, and an audiophile by obsession, Ian is captivated by all forms of tech that makes enthusiasts tick.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Read previous post:
Expand Your Storage With ROG Strix Arion

ASUS Republic of Gamers (ROG) has announced the new ROG Strix Arion, a convenient, slick M.2 NVMe SSD enclosure that...