Member of the European Parliament Marietje Schaake (D66/ALDE) launches a bug bounty programme for her website today. She invites security researchers or ethical hackers to hack her website.
Schaake: “Websites of politicians or political parties are increasingly the target of malicious hackers. Since prevention is better than finding a cure afterwards, I would like to know how vulnerable my own site is. Security researchers will receive a reward (bounty) if they manage to obtain potentially sensitive personal data from our website, or if they are able to create, edit or delete posts from my website. So essentially I am inviting people to hack my website!”
EU-wide bug bounty programme
Schaake initiated an EU-wide bug bounty programme last year for open source software used by the EU institutions in 2018. While commercial companies increasingly offer rewards for hackers that discover critical flaws, there are not many similar opportunities for open source software projects. Schaake: “In order to fully appreciate how such a programme works for the EU institutions, I wanted to lead by example and have first-hand experience in order to be better aware of risks and opportunities.”
Schaake is a member of the Global Commission on the Stability of Cyberspace (GCSC), a global body launched by the Dutch Ministry of Foreign Affairs to develop proposals for norms and policy initiatives to improve the stability and security of cyberspace.
Schaake: “Threats of electronic meddling with elections are rising to such an extent that in the Netherlands we hand counted the ballots due to hacking fears. We need to create more awareness about the vulnerability of infrastructure that is critical to the functioning of our democratic societies such as electronic voting equipment, voter registration databases and websites of politicians and political parties. Our democracies can only function if citizens can rely on the security of this vital infrastructure.”