General Motors Started New Automotive Bug Bounty Program

  • 78

General Motors have been working out how to produce their best for their customers. In an attempt to beef up their auto security, GM has announced another ‘Bug Bounty Program’ on Friday. They will be bringing in a few select ‘white-hat hackers’ to find bugs in the cars’ software.

General Motors Announces Bug Bounty Program

General Motors takes another step towards improving the security of their computerized cars. While delivering a speech at the Billington CyberSecurity Summit on Friday, Dan Ammann, President GM, announced a bug bounty program.

Reportedly, GM will hire a few ethical hackers to detect various bugs in their cars’ software. These hackers will receive a cash payment for each bug they detect in GM vehicles’ computers.

According to Dan Ammann,

“We’ll show them the products, programs, and systems for which we plan to establish these bug bounties. Then we’ll put them in a comfortable environment, ply them with pizza and Red Bull or whatever they might need … and turn them loose.”

In other words, GM will hand over the hardware to the hired researchers and will hope that in providing a comfortable environment for them these researchers can then work over several weeks finding problems in the system.

GM will hire a small team of white-hackers comprising around 10 members. For this, GM has already contacted a few researchers. As stated by Jeff Massimila, Vice President Global CyberSecurity at General Motors,

“They are white-hat researchers who we’ve established relationships with through our coordinated disclosure program.”

GM started its Coordinated Disclosure Program two years ago as an open program for all. However, GM did not pay the researchers who contributed to this program. Yet, it seems that those researchers who persistently helped GM will now get recognition for their work.

GM Will Employ The ‘Best Possible Team’ To Work On Their Systems

In his speech at the Summit held at Cobo Center in Detroit, Ammann explained why GM has planned for such an investment in auto security.

“One cyber incident could stymie (autonomous vehicle) deployment altogether, or at least delay it for a long time. The public and policymakers would view a major cybersecurity incident involving any one of us as an incident involving all of us,” said Ammann. “ The overall threat level and so on is only going to grow from here, which is why we’re putting so much energy and resources into getting ahead and staying ahead.”

Furthermore, he expressed the company’s plans to set up the ‘best-possible, most talented team’ to work on. It will also include third-party researchers.

“Not just inside the company but also taking advantage of third-party researchers, taking advantage of third-party expertise from multiple different places, working together across the industry to collaborate to make sure we have all the best minds working on this issue.”

However, the GM officials declined to comment regarding the amount they will pay to the researchers as bounty.

Let us know what you think in the comments section.


Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!