Security & Fraud

GM Asks Hackers For Cybersecurity Help

GM is amping up its cybersecurity unit to ready itself against rising possibilities of threats to its automobile firewall. The company has called for hackers to help it uncover loopholes in its cybersecurity net for vehicles, websites and software, under a “coordinated disclosure” program.

The program’s launch comes at a time when cybersecurity gaps in the automobile industry are increasingly drawing scrutiny on a regulatory level and are leading to massive recalls, The Wall Street Journal reported. For instance, in July last year, Fiat Chrysler recalled 1.4 million Jeep Grand Cherokees after two high-profile security hackers exposed a major security loophole.

In another such case last year, hackers reportedly were able to locate a GM car, unlock it and start it by placing a device under the vehicle. GM, however, was able to push a security update to its system without a massive recall.

“We’re putting a lot of technology into our cars,” said Jeff Massimilla, chief product cybersecurity officer at GM, told Fortune. “There’s a responsibility, obviously, to put an appropriate level of security with those technologies. There wasn’t one single event that prompted this action. We have been maturing our cybersecurity program within GM for sometime now. And as we’ve matured, we have had some interaction with researchers.”

GM’s collaboration with researchers can be called a bug bounty program of sorts, except that the Detroit-based company is not offering any monitory reward for uncovering a security loophole.

The company’s increased focus on weatherproofing its cybersecurity blanket is synchronous with its interest in developing driverless cars, which many would argue could be more prone to cyberattacks. In January this year, the company invested $500 million in ride-sharing app company Lyft to develop driverless ride-sharing cars.

So far, the automobile industry has only seen attacks from researchers in a controlled environment, which have helped prevent any attacks out in the wild. “The most exciting thing is that the auto industry is addressing this before there is an issue,” Massimilla added.



Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.