Last week the Dutch government has issued official recommendations about the “hacktivism” to encourage white hackers to disclose the security breaches with responsibility. These recommendations set for the ethical hackers a formal procedure of making reports about IT vulnerabilities, writes The Verge.
“People who report IT vulnerabilities carry an important social responsibility”, -so is emphasized in the statement of the National cybersecurity center of the Netherlands. It is said in the statement that some hackers, having revealed the breaches in security, do not notify the organization about them directly, but disclose the vulnerabilities publicly in forums or in the social media instead. Such approach is thought only to make the situation worse.
The recommendations of the cyber security center advise companies and organizations to provide ethical hackers with channels of communication – for example, to create an online form through which it will be possible to report security vulnerabilities.
The government also encourages companies not to prosecute hackers exhibiting IT vulnerabilities in order to build a confidence and facilitate the direct communication between the hacker community and organizations. Moreover, the guidelines set a strict protocol for white hackers, following which must ensure that their actions really correspond the company’s interests in the best way.