- Pwn2Own's 15th anniversary hacking competition is taking place in Vancouver this week.
- The top prize, for participants who manage to hack a Tesla, is $600,000 and the vehicle itself.
- Dustin Childs told Insider he'd never seen a day where every exploit "worked the first attempt."
- For more stories go to www.BusinessInsider.co.za.
Many of the world's top hackers gathered in Vancouver, Canada this week to try to break into highly guarded technology including Microsoft Teams, Apple's Safari browser and a Tesla car. The top prize, for people who manage to hack a Tesla Model 3, is $600,000 (about R9,5 million) and the vehicle itself.
The hackers have come together as part of a contest to celebrate the hacking competition Pwn2Own's 15th anniversary, in what has become a lucrative testing ground for researchers to find exploits and warn companies about their vulnerabilities.
Originally created by cybersecurity researcher Dragos Ruiu in 2007 as a challenge to hack into MacBook Pros, the contest is now held multiple times a year and takes place over several days. The competition benefits both the hackers, who earn prizes, and the companies that make the fallible technology, since the participants reveal how the flaw was found so it can be resolved, according to the MIT Technology Review.
On Wednesday, the first day of this year's contest, hackers managed to crack into Microsoft Teams, Mozilla Firefox, and Safari. Dustin Childs, the communications manager of Trend Micro's Zero Day Initiative, which hosts the contest, told Insider he had expected to see "bug collisions," or two researchers finding the same flaw, but was surprised to find everything "was a unique exploit."
"This is the only contest day in memory when every exploit worked, worked the first attempt, and nothing collided," Childs said. "Just amazing to see."
Among the contenders is the researcher Manfred Paul, who has participated in Pwn2Own before, and representatives from Synacktiv, a cyber security company.
Childs called Pwn2Own an "outlet" for "researchers to disclose vulnerabilities while being publicly recognized and financially compensated" and stressed the current importance of cybersecurity.
Over the last 15 years, Childs said, the competition has grown "from a small, browser-focused event to multiple locations across the globe." They started out by awarding $1,000 to winners and last year gave out $2,000,000 across the events, he said. On Wednesday, day one of three, they distributed $800,000 in prize money. The 2022 contest is hybrid, meaning participants can attend the event in person or compete virtually.
The contest's name comes from a combination of the slang term "pwn," which usually means to beat someone else, and "own," because competitors who successfully hack into the software and technology get to leave with it.
Technological infrastructure has long been a concern among companies and governments, but it's become a larger focus in recent years as countries have engaged in information wars to impact political campaigns and launched targeted hacking operations. In April, US government agencies like the NSA and FBI, along with cybersecurity authorities from allied nations, released a joint advisory concerning Russian actors aiming cyber attacks at infrastructure that "could impact organizations both within and beyond the Ukraine region."
Meanwhile, a Russian hacking group known as Conti launched a ransomware attack against the Costa Rican government in April that has caused the country a slew of problems, including impeding the nation's tax collection system, leading it to declare a state of emergency, according to The New York Times.