The Interior Ministry has called in “ethical hackers” assembled by French startup Yogosha to test the security of the MaProcuration.gouv.fr site, which allows you to pre-fill an application for an electoral proxy, Yogosha said. LinkedIn.
Faults were detected but “neither numerous nor critical”, the ministry was quoted as saying by the company. Consulted by AFP, the ministry was not available to comment on this information.
Detect and eliminate vulnerabilities
The Maprocuration site, created in 2021, allows you to take your first steps online after authenticating on the FranceConnect site. Next, you must go to a gendarmerie, a police station or a consulate to prove your identity.
To detect and eliminate vulnerabilities, the ministry organized with Yogosha for two months a “bug bounty”, a search for security vulnerabilities. The principle is to use selected ethical hackers to identify risks. If a hacker discovers a vulnerability, he gets a reward. Otherwise, organizations don’t have to pay anything, Yogosha explained.
“We have worked seriously”
Yogosha, a platform specializing in these “bug bounties”, is based on a community of independent ethical hackers. Companies and organizations are increasingly using these services called “ethical hacking” or “redteam”, in which experts assume the role of cyber attackers. “For us, the bug bounty was really complementary to other security tests and allowed us to discover several flaws that had not been seen before in the application,” the ministry says.
“The audacity shown by the MaProcuration teams in trusting ethical hackers marks a true paradigm shift in the approach to the security of information systems, even the most sensitive ones. The experience of this campaign has allowed us to discover a new field of cyber risks linked to sovereign issues,” said Mathieu Bouvet, one of Yogosha’s managers.
The company told AFP that it regularly works with sovereign administrations.
Source: BFM TV
