Navigation

Swiss government launches bug bounty scheme for ethical hackers

Keystone / Sascha Steinbach

Over a two-week period hackers will be invited to identify vulnerabilities in government IT systems, receiving a financial reward for any bugs they find.  

This content was published on May 11, 2021 - 11:17
swissinfo.ch/ac

The pilot project, which began on Monday, will target two government IT systems: The Federal Department of Foreign Affairs and Parliamentary Services. Only hackers known to the National Cybersecurity Centre (NCSC) or its project partner Bug Bounty Switzerland and who have proven their worth in other projects will be invited to participate in this test phase. 

A cloud technology platform developed in partnership with Microsoft will be used for the bug bounty experiment. 

“The test should provide a basis for discussing the future use of bug bounty programmes,” the NCSC said on Monday. 

This is not the first experiment of this kind for a public service. In 2019, Swiss Post used a bug bounty scheme to test its e-voting system. Rewards of up to CHF50,000 ($55,380) were offered for identifying critical vulnerabilities. The experiment helped detect an error in the source code that was thought to be fixed and which rendered the e-voting system incompatible with legal security requirements. 

Comments under this article have been turned off. You can find an overview of ongoing debates with our journalists here. Please join us!

If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.

Share this story

Join the conversation!

With a SWI account, you have the opportunity to contribute on our website.

You can Login or register here.