According to data acquired by Atlas VPN, ethical hackers earned a total of US $44,754,742 million collectively from bug bounties from May 2019 to April 2020.
In total, hackers reported 60,000 valid vulnerabilities and received US $979 on average per single vulnerability.
The United States was the top payer of bounties, rewarding hackers with US $39,125,265 in the evaluation period. Rewards paid by the US organisations accounted for 87% of the total amount of bounties paid.
Russia was second on the list with US $887,236 in bounty rewards to hackers. Bonuses awarded by Russian companies make up 2% of the total bounty prizes awarded to hackers.
The UK is third on this list as it paid US $559,215 paid to hackers as bounty rewards.
With regards to hackers, the USA led the way with US $7,204,299, which accounts for 16% of the total amount of bounty winnings distributed.
Hackers from China came in second with earnings of US $5,355,683. Bounty rewards received by Chinese hackers make up nearly 12% of all bounties paid in the past year.
Indian hackers are third on the list as they netted US$4,401,251 in bounty winnings. Rewards collected by Indian hackers constitute close to one-tenth of the total amount of bug bounty rewards paid from May 2019 to April 2020.
Rachel Welch, COO of Atlas VPN, said, “While bug bounty programs will not solve the cybersecurity talent shortage, organisations can still benefit significantly by outsourcing ethical hackers to identify weak spots in their security measures.”
Technology companies paid the biggest share of bug bounty rewards followed by companies in the internet and online service industry. Companies in the telecommunication industry occupy the third spot.