Ministry of Defence PAYS hackers to search computer systems for vulnerabilities before they can be exploited by real cybercriminals
- MoD announces the conclusion of its first bug bounty challenge with HackerOne
- Bug bounties offer ethical hackers financial reward for reporting technical flaws
- Members of the public can earn thousands of pounds for reporting a single flaw
Hackers have been paid by the Ministry of Defence (MoD) to search their computer systems for vulnerabilities before they can be exploited by real criminals online.
The government department has successfully concluded its first bug bounty programme, conducted in partnership with US firm HackerOne.
The programme recruited 26 ‘ethical hackers’ who went under the bonnet of its networks for 30 days, in a bid to get ahead of ‘bad actors’ and improve national security.
California-based HackerOne acts as a middleman by connecting businesses with its community of ethical hackers who have been through criminal background checks.
Neither HackerOne nor the MoD would reveal how much each hacker is getting paid as part of the programme.
However, another organisation already partnered with HackerOne recently handed out $50,000 (more than £36,000) for discovering a severe vulnerability.
While this is an attractive sum, it’s a mere drop in the pond considering how much money a single flaw can cost businesses if it’s noticed by cyber criminals first.
Bug bounty programs offer ‘ethical hackers’ a financial reward in exchange for reporting technical flaws that could cost organisations millions
A bug bounty is a reward that is paid out to developers who find critical flaws in software.
The bounty can be a monetary reward, a place on a ‘hall of fame’ list for finding the flaw, gear from the company offering the bounty, or any combination thereof.
With open-source software, anyone in the world is free to comb through the code of an application and look for flaws.
The average bounty paid for critical vulnerabilities is much also even…