United Offering Up to a Million Miles to 'Ethical Hackers'
Image courtesy of Thinkstock
In light of increased cybersecurity issues for businesses worldwide, United Airlines is beginning a “bug bounty” program. The airline will award “ethical” or “white hat” hackers who find and report security bugs in the airline’s network up to one million air miles, Arjun Kharpal of NBC News reported.
According to a figure calculated by Juniper Research, cited by Kharpal, data breaches will cost businesses around the world $2.1 trillion in total by 2019, four times 2015’s amount.
Setting an external group of white hat hackers loose to find security flaws is not a new tactic for businesses, but United is one of the first airlines to try it.
United’s website fleshes out what is eligible for submission to get those miles. Areas in their system the airline wants scoured for bugs includes the customer facing websites, the United app, and where the user’s private credentials are kept.
Discoverers of low-level bugs get 50,000 miles, while those who find bugs of medium severity get 250,000. The grand prize of a million air miles, goes to the hacker who finds a "remote execution code," which, according to Kharpal, allows a hacker to “infiltrate a network from a remote location.”
But there are limits.
Drawing the line at passenger safety in the air, bugs found in "onboard Wi-Fi, entertainment systems or avionics" are not eligible for submission, according to United. They also warned that if a white hat hacker turns to a “black hat,” they face disqualification from the program, and a legal investigation.
Jason Steer, chief security strategist at FireEye commented about the logic of an external group finding bugs in the system. "This is a really smart move by United Airlines, as crowdsource testing for security weaknesses can be hugely valuable to organizations," he said in a statement. "Its bug bounty is a novel way to incentivize white hat hackers to look for weaknesses in its system, and a great way to save them money whilst increasing its security."
For more Airlines & Airports News
More by Michael Isenbek
Get Travel Deals and Travel News
Recent Travel Opinions
Airlines & Airports
Cruise Line & Cruise Ship