Rostelecom will pay 1 million rubles for the discovery of a critical vulnerability in the State Services
[ad_1]
The Ministry of Digital Transformation announced the launch of a project to search for vulnerabilities on government electronic resources. At the first stage, Internet users who have registered in the program (“bughunters”) are invited to hack the “Gosuslugi” and the Unified Identification and Authentication System (ESIA). To those who find a critical vulnerability in resource protection, the program sponsor, Rostelecom, will pay 1 million rubles, said press office ministries.
Participation in the program to identify vulnerabilities is available for Russian citizens who have registered on the BI.ZONE platforms (registration from 18 years old) or Standoff 365 Bug Bounty (from 14 years old, if there is a written consent of the parents). In addition to 1 million rubles, Rostelecom will pay up to 50 thousand rubles for the discovery of a critical vulnerability. for identifying medium vulnerability and from 50 to 200 thousand rubles. – high. For those who discover a low-level vulnerability, the Ministry of Digital Transformation promises gifts with the project’s logo.
“Here it is also necessary to think about the legislative consolidation of the rights of white hat hackers. We understand that now this work is not entirely legal, but if it is in the interests of the state, then exemption from liability should be provided, ”wrote Alexander Khinshtein, head of the State Duma Committee on Information Policy, in Telegram channelcommenting on the launch of the program.
An ethical or white hat hacker is a computer security professional who specializes in testing the security of computer systems. They look for vulnerabilities on a voluntary basis or for a fee to help developers make their product more secure.
Since the start of Russia’s military operation in Ukraine, the number of cyberattacks on Russian IT infrastructure has increased dramatically. In February, Kaspersky Lab repelled “4.5 times more DDoS attacks than in the same period in 2021, with more than 60% of them occurring on February 24–28.” Most often, state structures became victims: Rosaviatsia, the Federal Antimonopoly Service, the Ministry of Culture, the Ministry of Digital Transformation, Roskomnadzor and the Moscow government.
Read more about how Russian cybersecurity has changed in 2022 in the article. “Economics of the break-in period”.
[ad_2]
Source link
