Tesla Summon

A free Tesla Model 3 will be awarded to the first person to successfully hack into a mid-range version of the US car-maker’s mass-market electric car, as part of the upcoming Pwn2Own hacking competition in Vancouver.

The security of web-connected cars are, naturally, only as strong as the software that governs them, and events like Pwn2Own are critical in unearthing vulnerabilities – something that is not lost on Tesla who this year have added the Tesla Model 3 to large cash prizes for successful hacks.

Pwn2Own has grown from a minor contest offering “security researchers” – that is, professional hackers – prizes of $US10,000 (almost $A14,000) in 2007, to a leading event that pays up to a quarter of a million dollars (US) for identifying a vulnerability in high risk targets.

To help attract the best talent, Tesla has clearly decided a new Tesla Model 3 is a small price to pay for ensuring the safety of its EV customers – particularly as high level features like autonomous driving are being introduced.

Pwn2Own and Tesla are offering prizes totalling $US915,000 (over $A1.2million) across six targets, including $US35,000 ($A48,000) for an infotainment hack, or $US60,000 ($A83,000) for cracking wi-fi or bluetooth capabilities.

$US100,000 ($A140,000) is on offer for either a modem/tuner hack or identifying a vulnerability in key fobs or phone-as-key.

A massive $US250,000 ($A346,000) will be paid to the first hacker to exploit a vulnerability in Tesla’s Autopilot software, gateway or VCSEC (that is, Vehicle Controller Secondary, responsible for security functions such as the alarm).

Two additional targets are available for those successfully cracking the modem/tuner, wi-fi/bluetooth or certain infotainment hacks.

The first-round winner to hit any of the targets will also drive away with a brand new Tesla Model 3 – not too bad for a day’s hacking!

Pwn2Own tesla table
Source: Zero Day Initiative

Of course, Tesla doesn’t only rely on hacking events such as Pwn2Own to identify security vulnerabilities in its software.

Through crowdsourced hacking service BugCrowd, it recently upped its top payout for findings related to automotive and energy products to $US15,000 ($A20,000).

Get up to 3 quotes from pre-vetted solar (and battery) installers.