Pwn2Own contest will pay $900,000 for hacks that exploit this Tesla
Pwn2Own has been the foremost hacking contest for more than a decade, with cash prizes paid for exploits that compromise the security of all manner of devices and software. Browsers, virtual machines, computers, and phones have all been fair game. Now in its 13th year, the competition is adding a new category—a Tesla Model 3, with more than $900,000 worth of prizes available for attacks that subvert a variety of its onboard systems.
The biggest prize will be $250,000 for hacks that execute code on the car’s gateway, autopilot, or VCSEC. A gateway is the central hub that interconnects the car’s powertrain, chassis, and other components and processes the data they send. The autopilot is a driver assistant feature that helps control lane changing, parking, and other driving functions. Short for Vehicle Controller Secondary, VCSEC is responsible for security functions, including the alarm.
These three systems represent the most critical parts of a Tesla, so it’s not hard to see why hacks that target them are eligible for such huge payouts. To qualify, the exploits must force the gateway, autopilot, or VCSEC to communicate with a rogue base station or other malicious entity. Meanwhile, a denial-of-service attack that takes out the car’s autopilot will pay $50,000.