As the car becomes more connected, individuals have consistently found ways to exploit its systems. It’s one reason why General Motors is stepping up its “bug bounty” program. Gizmodo reported last Thursday that the automaker will expand its program this summer and invite friendly hackers to seek out could-be problems.
GM launched its first vulnerability disclosure program, called HackerOne, in 2016. Since then, 500 researchers have taken part and found 700 issues relating to car security. However, unlike other companies, GM hasn’t paid researchers for their findings. This summer, that will change with the automaker’s new private hacking team.
Participants will be stationed at its headquarters with the vehicles and software to pore over the vehicles in search for possible vulnerabilities. GM reiterated it’s a tough job since researchers need access to the vehicles themselves. So, GM will simply bring the researchers to the vehicles and let them look into elements such as the infotainment systems and radio.
Infotainment systems are often the point of entry for bad actors, which makes it a crucial area for researchers to tinker with.
Infamously, GM faced the “OwnStar” hack in 2015. Hackers were able to gain access to unlock the vehicle’s doors, see its location on a map, and start the engine via a driver’s RemoteLink app. GM announced in 2015 that it had closed the hack permanently.