The electric car maker is raising the ante in automotive security, putting one of its swanky models as a target at a hacking contest
Driven by considerations for vehicle security, the automaker is raising the ante and will be putting up one of its models as a target at a hacking contest. This will be the first time that, in fact, any car will face infiltration attempts at a white-hat competition. The honor now officially belongs to a mid-range rear wheel drive Tesla Model 3, priced at US$44,000.
On top of the car, hackers can win up to US$900,000 for identifying a variety of loopholes in the car’s systems at the Pwn2Own hacking contest, which will take place within the CanSecWest 2019 security conference in Vancouver, Canada, in late March.
The largest payout – of up to US$250,000 – will be awarded for code execution on the car’s gateway, autopilot, or VCSEC that will involve communication with a “rogue base station or other malicious entity”, wrote the Zero Day Initiative. “And the first successful researcher can also drive off in their own brand new Model 3 after the competition ends”.
Standing for ‘Vehicle Controller Secondary’, VCSEC is responsible for security and alarm, among other functions. Other hacking categories in the contest’s Tesla-centered section include ‘key fobs or phone-as-key’, ‘modem and tuner’ and ‘infotainment’.
Tesla CEO Elon Musk has articulated his commitment to securing Tesla vehicles. “It is my top concern from a security standpoint—that Tesla is making sure that a fleet-wide hack or any vehicle-specific hack can’t occur,” he said in 2017, as reported by CSOonline.
Tesla opened its doors to white hats back in 2014. Researchers who have been the first to report a particular vulnerability in the car maker’s vehicle systems have made it into its Security Researcher Hall of Fame.
According to electrek, the company has given away hundreds of thousands of US dollars in rewards for reporting vulnerabilities in its vehicle systems.
Other targets at Pwn2Own will include web browsers, enterprise applications, and virtualization applications.