As the security measures applicable to computer systems advance, new malicious hacking methods are also developed, so it is vital for technology companies to protect their creations with the best information security mechanisms available.
In addition to the work of their internal
security teams, tech developer companies depend on the work of independent
researchers through the creation of vulnerability bounty programs and ethical
hacking events, which allows them to create a comprehensive collaborative
environment in order to prevent cybercriminals from exploiting security errors.
Pwn2Own is one of the most anticipated events by the information security community. The next edition of the event, to be held in Vancouver next March, presents as its main attraction a bounty of almost $1 million USD, in addition to a Tesla Model 3, which will be granted to the hacker who manages to compromise the security systems of this car.
Through a statement, The Zero Day Initiative
vulnerability disclosure platform released the announcement: “To receive
the full award, the participant must find a way to compromise the security of the
different systems of the car”. According to information security experts, Tesla
cars have multiple layers of protection, so compromising their security systems
would require a long and complex exploitation chain.
The first prize consists of a Tesla Model 3 and
$500k USD, although the cash prize can reach uo to $950k USD if any participant
manages to solve some Tesla Model 3 hacking challenges using peripheral devices,
which would make it the highest ever prize handed over to an ethical hacker.
Although many are still surprised by the
announcement, this is not Tesla’s first foray into this area, as during last
year’s Pwn2Own event rewards were also offered for reports of vulnerabilities within
this automotive company’s developments, the International Institute of Cyber
Security (IICS) mentioned. Pwn2Own will take place between March 18 and 20 and
is expected to involve renowned members of the independent ethical hacking
community and information security firms.