Security & Fraud

GM Asks Hackers For Cybersecurity Help

GM is amping up its cybersecurity unit to ready itself against rising possibilities of threats to its automobile firewall. The company has called for hackers to help it uncover loopholes in its cybersecurity net for vehicles, websites and software, under a “coordinated disclosure” program.

The program’s launch comes at a time when cybersecurity gaps in the automobile industry are increasingly drawing scrutiny on a regulatory level and are leading to massive recalls, The Wall Street Journal reported. For instance, in July last year, Fiat Chrysler recalled 1.4 million Jeep Grand Cherokees after two high-profile security hackers exposed a major security loophole.

In another such case last year, hackers reportedly were able to locate a GM car, unlock it and start it by placing a device under the vehicle. GM, however, was able to push a security update to its system without a massive recall.

“We’re putting a lot of technology into our cars,” said Jeff Massimilla, chief product cybersecurity officer at GM, told Fortune. “There’s a responsibility, obviously, to put an appropriate level of security with those technologies. There wasn’t one single event that prompted this action. We have been maturing our cybersecurity program within GM for sometime now. And as we’ve matured, we have had some interaction with researchers.”

GM’s collaboration with researchers can be called a bug bounty program of sorts, except that the Detroit-based company is not offering any monitory reward for uncovering a security loophole.

The company’s increased focus on weatherproofing its cybersecurity blanket is synchronous with its interest in developing driverless cars, which many would argue could be more prone to cyberattacks. In January this year, the company invested $500 million in ride-sharing app company Lyft to develop driverless ride-sharing cars.

So far, the automobile industry has only seen attacks from researchers in a controlled environment, which have helped prevent any attacks out in the wild. “The most exciting thing is that the auto industry is addressing this before there is an issue,” Massimilla added.

——————————–

Latest Insights: 

The Payments 2022 Study: Building A High-Performance Payments Team For Fraud Detection, a PYMNTS collaboration with Stripe, examines how digital platforms of all sectors and sizes plan to develop their anti-fraud teams as part of their their broader growth and development strategies. Drawing from an extensive survey from approximately 250 payments heads at digital platforms in the U.S. and abroad, our study analyzes how poor anti-fraud capabilities can harm platforms’ long-term growth strategies, and how they can build high-performing teams to tackle these challenges.

TRENDING RIGHT NOW

To Top