Trend Micro Incorporated announced that the Trend Micro Zero Day Initiative’s (ZDI’s) Pwn2Own bug bounty competition will launch a new event next year designed to make the connected vehicle ecosystem more secure.
In recognition of the growing importance of and threat to the connected vehicle ecosystem, a standalone competition – Pwn2Own Automotive – will take place in January 2024 at Automotive World Tokyo.
Sharda Tickoo, Technical Director India & SAARC at Trend Micro, said, “A car isn’t just a car today. New vehicles offer systems and components that deliver enhanced computing power but also broaden the cyber-attack surface. Through our VicOne subsidiary and now Pwn2Own, Trend Micro protects this fast-growing part of the connected digital world for all global citizens.”
Now in its 17th year, Pwn2Own challenges the world’s best hackers to find and exploit vulnerabilities in widely used software and devices before threat actors exploit them.
Pwn2Own Automotive will accomplish three goals:
- Further automotive research by encouraging researchers to contribute and be financially rewarded for reports covering various products and platforms.
- Illuminate the attack surface by highlighting critical technologies that need to be evaluated.
- Incentivize the discovery of challenging and complex threats by offering increased bounties for multi-system attacks.
Automotive systems have played an increasingly prominent role in Pwn2Own over recent years, spearheaded by participation from Tesla. A team won the overall Master of Pwn award in 2019 after successfully hacking a Tesla Model 3. Then last year, competitors were able to demonstrate the exploitation of two more unique bugs in the car’s infotainment system. The electric carmaker will return to Pwn2Own Vancouver as a sponsor in 2023, once again offering a Model 3 as a potential prize for successful participants.