Global cybersecurity firm Trend Micro Incorporated has just confirmed that Tesla will sponsor its inaugural Pwn2Own Automotive event.
“Pwn2Own is a key pillar in Trend’s Zero Day Initiative (ZDI), which has been helping us discover new vulnerabilities in consumer, industrial, and emerging technology for years. We’re delighted to welcome Tesla as title sponsor as we redouble our efforts to expand our influence in the field of automotive cybersecurity,”
Brian Gorenc, Trend Micro’s VP of Threat Research
The press release also noted that the winners can take home one million in cash prizes and Tesla electric cars.
What is Pwn2Own Automotive?
The Pwn2Own Automotive was originally an annual computer hacking competition involving vehicle security that started in April 2007.
However, the event organizers now hold the event twice a year, with the latest in March 2023.
The participants would be tasked to hack the cars’ software to determine previously unknown risks. It aims to show devices and software’s vulnerability to cyber-attacks. In effect, it enables companies to improve in those areas.
Moreover, it stimulates more security research and development in the auto ecosystem, incentivizes vendors to engage in security research, and educates the industry on complex sub-parts of contemporary vehicles like EVs. In fact, ZDI unveiled an astounding 1,706 new vulnerabilities in 2022.
As mentioned, the winners can receive a wide range of prizes from major sponsors, such as Tesla EVs.
Event details
The Pwn2Own Automotive will occur at the Automotive World conference in Tokyo from January 24 to 26 next year.
As mentioned, Tesla will be the event’s title sponsor, while Chargepoint will be a partner sponsor. It will offer technical assistance and hardware support for participants.
It is also worth noting that Trend Micro’s automotive security unit, VicOne, and Zero Day Initiative (ZDI) will jointly host the special event.
Categories
The Pwn2Own Automotive competition would include four categories with respective prizes.
Presented below are the details:
| Categories | Details |
| Tesla | First introduced in Pwn2Own Vancouver 2019, this category will enable contestants to compete to win cash prizes of up to $200,000 and their own vehicle. Contestants can register an entry against either a Tesla Model 3/Y (Ryzen-based) or Tesla Model S/X (Ryzen-based) equivalent benchtop unit. |
| In-Vehicle Infotainment (IVI) | These systems connect with our phones and provide Navigation, in-car internet, and Wi-Fi, as well as connectivity to other vehicle systems through the CAN bus, making them a popular target for hackers. There will be three IVI devices to target. |
| Electric Vehicle Chargers | EV chargers historically haven’t received much attention from the hacking community. Yet attack surfaces such as mobile apps, Bluetooth Low Energy (BLE) connections, and the OCPP protocol could all allow threat actors to cause harm to an EV. There will be six EV charger models to target in the competition. |
| Operating Systems | Participants will race to exploit vulnerabilities in Automotive Grade Linux, Blackberry QNX, and Android Automotive OS. |
You can also access the list of rules and prizes here.
See Also:
- Tesla cybersecurity hacked at the Pwn2Own event
- Tesla urges people to hack its EVs for $600,000 Pwn2Own prize
- Federal officials examine path forward for EV cyber security
- 2023 Tesla Model 3 – Review, Pricing, and Specifications
- Tesla Model 3 & Y qualify for California’s USD2,000 rebate
Tesla previously awarded the Model 3 prize to Synactive in March. The offensive security company successfully hacked the car’s cybersecurity faster than other teams. Apart from that, the team also secured $100,000 and 10 Master of Pwn points.
