United Airlines will reward hackers with air miles
Bug bounty programme is first of its kind for US airline industry
United Airlines has set up a bug bounty programme, which rewards hackers with air miles, in a bid to beef up its cyber security standing.
With traditional bug bounty programmes, when hackers or researchers find a flaw, rather than exploiting it, they receive a monetary reward for reporting it.
United Airlines has opted for a different route. Instead of money, the firm is paying out air miles for bug reports. It is believed to be the first ever airline in the US to do so.
So far, the company confirms, two awards have been paid out, both to a total of one million miles each. At the time of writing, that equates to 16 round-trip economy tickets from Europe to the US, with change left over.
The US airline has been hit by a series of high-profile cyber gaffes over the past few months, including one instance of a security expert claiming to have hacked into his plane's avionics through the in-flight entertainment, and two separate occasions where technical faults grounded United Airlines planes nationwide.
However, the bounty programme comes with certain restrictions. "Onboard Wi-Fi, entertainment systems or avionics", for example, are all off-limits. This is to do with safety concerns, as unauthorised access to critical flight systems could prove hugely dangerous.
The terms of the agreement also prevent disclosure of the bug, as well as exploiting it at any point.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Bug bounties are a common practice among tech-savvy start-ups, but have yet to see widespread adoption outside of the world of IT. If United Airlines proves successful with its programme, this could signal the start of a new wave of bounty-hunting.
Adam Shepherd has been a technology journalist since 2015, covering everything from cloud storage and security, to smartphones and servers. Over the course of his career, he’s seen the spread of 5G, the growing ubiquity of wireless devices, and the start of the connected revolution. He’s also been to more trade shows and technology conferences than he cares to count.
Adam is an avid follower of the latest hardware innovations, and he is never happier than when tinkering with complex network configurations, or exploring a new Linux distro. He was also previously a co-host on the ITPro Podcast, where he was often found ranting about his love of strange gadgets, his disdain for Windows Mobile, and everything in between.
You can find Adam tweeting about enterprise technology (or more often bad jokes) @AdamShepherUK.