According to a report in the Detroit News, General Motors President Dan Ammann said that the company is planning to offer cash payment to security researchers who find bugs and security vulnerabilities in its products. As part of its “Bug Bounty” program, the automotive manufacturer will offer a cash payment for each “bug” that is found.
Amman said that the company will show them the products, programs and systems for which the Bug Bounties would be given and provide them with a comfortable environment to help them find chinks that could reveal weaknesses in GM’s products.
It is a common practice for companies to engage outsiders to find flaws in their security systems. Like a beta testing program, friendly “white hat” hackers would be able to identify problems in GM products and share this knowledge with the company so that GM can fix the issues.
GM had conducted a similar program in 2016 in collaboration with the security platform HackerOne. As part of the earlier program, GM had agreed not to sue against security researchers for hacking GM products, provided that they complied with a number of stipulations, like not revealing the bug till GM had developed a solution.
This latest version of the program appears to a more focused version of the 2016 Bug Bounty program. According to a report in Hacking News, only 10 selected security researchers will be participating in the program and will gain special access to GM products and systems. They will also receive additional support from the company, in the form of food and drinks, according to Ammann.
One of the key focus areas is security for autonomous ridesharing vehicles as these vehicles are vulnerable to both digital and physical attack. Through autonomous ridesharing, many passengers can gain physical access to a shared vehicle, even in the absence of a human driver or operator present. This physical access could be exploited to either extract data about previous passengers, or tamper with the experience of future passengers. Many automotive companies have come up with possible solutions including restricting network access and monitoring the interiors of a vehicle.
Ammann did say that even one cyber incident could totally interrupt the deployment of autonomous vehicles or even delay it for a long time. Such an incident could have a negative impact on the industry as a whole.
Hamid Moaref has always been fascinated by cars and the automotive industry. His family has a longstanding association with the industry and has been in the tire business for the past 35 years. Raised in Dubai, Hamid attended Capilano University in Vancouver where he graduated with a BBA in marketing before attending an intensive course in magazine publishing in 2005. He has been the publisher and chief editor of Tires & Parts magazine for the past ten years.
Your email address will not be published. Required fields are marked *
© 2017 Morjan Media LLC. All Rights Reserved.