March 29, 2016
Corporations are at a huge disadvantage when it comes to cybersecurity. As soon as they fix one data breach another pops up as thousands of malicious hackers worldwide mount attack after attack, sometime with evil intent and at other times just because they can. They are outnumbered in a never-ending cat and mouse game that is expensive and corrosive.
For some time now tech companies such as Google, Microsoft, Facebook, Twitter and Mozilla have been paying “bug bounties” to white hat hackers to find weaknesses in their systems before the bad guys do. Now, the bug bounty business is stepping up into a higher gear.
Uber, the ride-hailing app, last week said that it would pay hackers up to $10,000 to find security gaps in its systems. General Motors, America’s largest carmaker, also lifted the lid this month on a “collaborative disclosure” program under which it invites computer researchers to search for cybersecurity gaps in GM vehicles, websites and software. It isn’t yet offering cash bounties, although that may well follow.
GM’s actions follow growing concerns among carmakers about cybersecurity gaps in their vehicles, which peaked last year when researchers for Wired magazine demonstrated that hackers could wirelessly take control of some functions of a Jeep Cherokee. That prompted the vehicle’s maker, Fiat Chrysler, to recall more than a million vehicles and triggered a federal safety investigation.