The Federation Council proposes that the Ministry of Digital Development of Russia involve "white hackers" to look for weaknesses in IT systems for a reward. Thanks to the "initiative" form, hackers and IT system owners can find each other, which will allow them to find vulnerabilities and report them without legal risks. In 2024, the bill was already submitted to the State Duma, but after reading last fall, the project has not yet been discussed.
A letter from Artem Sheikin, First Deputy Chairman of the Federation Council Committee on Constitutional Legislation and State Building, on the regulation of "white hackers", including as part of the Bug Bounty program (for finding vulnerabilities in IT systems for a reward), was sent on March 25 to Deputy Head of the Ministry of Digital Development Ivan Lebedev.
In the document, Artem Sheikin proposes using two ways to search for vulnerabilities: one involves working with a limited number of specialists, and the other with any number of ethical hackers.
The letter also suggested that information system owners provide a form for "white hackers" to record reports on identified vulnerabilities. And for the identification of "white hackers", Artem Sheikin and Ivan Lebedev are considering the possibility of using ESIA ("Gosuslugi").
Related materials:
Sber has excluded the possibility of stealing money from accounts using voice or photo recording
Russian scientists have developed a plan for the development of AI in the field of quantum chemistry