Tesla Motors may be considered as a technological leader, but it doesn’t mean that its products and services are immune to the challenges and threats posed in the Internet age, including hacking attacks. The company’s website and Twitter account were hacked a couple of months ago, with perpetrators posting messages that only appeared to be aimed at pranking Tesla and its customers, an event that even though didn’t do any real harm to the car maker, prompted it to start thinking more seriously about how to protect itself against potential security risks it may be exposed to.
Elon Musk’s company has announced that it has decided to seek help from the hacker community as it tries to discover the vulnerabilities of its products and services and protect them from future attacks. Tesla has launched a bug bounty program on the Bugcrowd bug hunting platform, asking benevolent hackers to try and detect vulnerabilities on the company’s website and report them to an email address set up by Tesla specifically for this purpose: firstname.lastname@example.org. As a reward, hackers will receive anywhere between $25 and $1,000 per bug, depending on the bug type.
“Tesla values the work done by security researchers in improving the security of our products and service offerings. We are committed to working with this community to verify, reproduce, and respond to legitimate reported vulnerabilities. We encourage the community to participate in our responsible reporting process,” stated the company on its Bugcrowd page.
Even though the cash rewards offered by Tesla are drastically lower than those involved in similar programs launched by companies like Facebook and Google, they still present some kind of incentive for those who are able to uncover security issues with the company’s services to try and help it improve its digital security, which would benefit Tesla’s customers, as well.
While trying to make its website less vulnerable to hacking attacks is definitely a good thing and can help the company provide better customer service, many people are still wondering whether Tesla intends to launch a similar program that would be aimed at increasing the digital security of its vehicles. Given that Tesla’s cars rely on their on-board software extensively, they can be an easy target for hackers who are able to take control of various car functions remotely and jeopardize occupants’ safety or steal personal information.
Last year, Tesla awarded $10,000 to Qihoo 360, a leading Internet security company based in China, after it hacked a Model S in a non-formal hacking competition. Considering that almost all major players in the auto industry are developing connected-car, as well as vehicle-to-vehicle and vehicle-to-infrastructure technologies, which allow vehicles to talk to each other and to the traffic infrastructure and wirelessly share important safety data, protection from cyber attacks and the ability to detect and fix security vulnerabilities in cars is expected to be one of the top priorities for most automakers in the future. That’s when these types of bug bounty programs might come in pretty handy to car manufacturers.