In particular, the Ministry of Digital Development aims to introduce the concept of bug bounty into the field of law. The bug bounty program offers white-hat hackers a reward for finding vulnerabilities in products. If the Mintsifra project is implemented, such payments will become legal in Russia.
The fact is that now the concept of insect bounty is not defined in any way in Russian legislation. It may even be interpreted as “illegal access to computer information” and fall within the scope of Art. 272 of the Criminal Code of the Russian Federation.
Security business consultant Alexei Lukatsky recalled the story of the manager of one of the telecom operators in Obninsk, who scanned the customer network for vulnerabilities. For this, the FSB officers seized him, and now he is on trial under Art. 274.1 for illegal influence on the KII of Russia.
Source: Ferra
