GM to hire hackers to find bugs in car computers
Highly computerized cars could mean consumers’ data is vulnerable or driver safety might be endangered if car companies aren’t prepared to cut off any data breach or threat to cybersecurity at the pass.
General Motors is taking no chances. It’s bringing in those exact people who might do the infiltration to help thwart it.
In the upcoming weeks, GM will bring researchers, some of whom are professional computer hackers, to Detroit to offer them a bounty or cash payment for each “bug” they uncover in any GM vehicle computer systems.
“We’ll show them the products, programs and systems for which we plan to establish these bug bounties. Then we’ll put them in a comfortable environment, ply them with pizza and Red Bull or whatever they might need ... and turn them loose,” GM’s President Dan Ammann said in a speech at the Billington CyberSecurity Summit at Cobo Center in Detroit on Friday.
After that, GM will send these cybersecurity pros home with hardware to continue their research over many weeks, he said. The program, called Bug Bounty, will include about 10 researchers GM has hand-picked.
“They are white-hat researchers who we’ve established relationships with through our co-ordinated disclosure program,” Jeff Massimila, GM’s vice-president of Global CyberSecurity, told reporters at the summit.
“White hat” is internet slang for an ethical computer hacker or computer security expert who specializes in penetration testing or other testing methods to help protect an organization’s information systems.
GM started its co-ordinated disclosure program two years ago, Massimila said. He said GM was one of the first automakers to embrace the work of white hat researchers for its products and programs. The co-ordinated disclosure program was open to anyone, but GM did not pay those researchers for any contributions. Instead, he said, GM built relationships and identified the 10 it would pay to fix the bugs.
GM presently employs about 450 people working in the cybersecurity area, Massimila said.