GM has publicly announced plans to launch a “security vulnerability disclosure program,” which guarantees not to take legal action against hackers when discovering security flaws in the company’s cars. This disclosure program, which only Tesla has adopted until now, seeks to discover security flaws that may arise as cars become more dependent on computers. What’s more, GM has recently entered into an agreement with Lyft to venture into “the world of self-driving cars.” As these concepts become more common, security flaws could lead to devastating occurrences from malicious cyberattacks.
While some may find it counterproductive for companies to play nice with hackers, GM’s previous experience with inefficient cybersecurity measures helps explain why it must work with hackers, who are often the best in the business: “In 2015 researcher Samy Kamkar found a vulnerability that could let hackers turn on the engine in a car or open the vehicle through the company’s OnStar RemoteLink app.” Experiences like these display the dangers of gaps in cybersecurity when put in the wrong hands. While risky, this promise to not take legal action could help safeguard against future auto cyberattacks as we begin to see more self-driving automobiles.