The Federation Council proposes that the Ministry of Digital Development of Russia involve "white hackers" to look for weaknesses in IT systems for a reward. Thanks to the "initiative" form, hackers and IT system owners can find each other, which will allow them to find vulnerabilities and report them without legal risks. In 2024, the bill has already been submitted to the State Duma, but after reading last fall, the project has not yet been discussed.
A letter from Artem Sheikin, First Deputy Chairman of the Federation Council Committee on Constitutional Legislation and State Building, on the regulation of "white hackers", including as part of the Bug Bounty program (for finding vulnerabilities in IT systems for a reward), was sent on March 25 to Deputy Head of the Ministry of Digital Development Ivan Lebedev.
In the document, Artem Sheikin proposes using two ways to find vulnerabilities: one involves working with a limited number of specialists, and the other with any number of ethical hackers.
The letter also suggested that information system owners provide a form for "white hackers" to record reports on identified vulnerabilities. And to identify "white hackers", Artem Sheikin and Ivan Lebedev are considering using the ESIA ("Gosuslugi").
Related materials:
Sber has excluded the possibility of stealing money from accounts using voice or photo recording
Russian scientists have developed a plan for the development of AI in the field of quantum chemistry
