Journal Home Online First Current Issue Archive For Authors Journal Information 中文版

Engineering >> 2022, Volume 17, Issue 10 doi: 10.1016/j.eng.2022.08.002

Hacking Contests Offer Big Payouts for Exposing Security Flaws

Senior Technology Writer

Available online: 2022-08-17

Next Previous

Figures

Fig. 1

References

[ 1 ] Childs D. Pwn2Own 2022 Vancouver: the results [Internet]. Irving: Zero Day Initiative; 2022 May 18 [cited 2022 Jul 1]. Available from: https://www. zerodayinitiative.com/blog/2022/5/18/pwn2own-vancouver-2022-the-results. link1

[ 2 ] Understanding privilege escalation and 5 common attack techniques [Internet]. Boston: Cynet; c2022 [cited 2022 Jul 1]. Available from: https:// www.cynet.com/network-attacks/privilege-escalation/. link1

[ 3 ] Haworth J. Pwn2Own Vancouver: 15th annual hacking event pays out $1.2 m for high-impact security bugs [Internet]. Knutsford: The Daily Swig; 2022 May 23 [cited 2022 Jul 1]. Available from: https://portswigger.net/daily-swig/ pwn2own-vancouver-15th-annual-hacking-event-pays-out-1-2m-for-highimpact-security-bugs. link1

[ 4 ] Winder D. iPhone pro hacked: Chinese hackers suddenly break iOS 15.0.2 security [Internet]. New York City: Forbes; 2021 Oct 18 [cited 2022 Jul 1]. Available from: https://www.forbes.com/sites/daveywinder/2021/10/18/ iphone-13-pro-hacked-chinese-hackers-suddenly-break-ios-1502-security. link1

[ 5 ] Kovacs E. $1.9 m paid out for exploits at China’s Tianfu Cup Hacking Contest [Internet]. Boston: Security Week; 2021 Oct 19 [cited 2022 Jul 1]. Available from: https://www.securityweek.com/19-million-paid-out-exploits-chinastianfu-cup-hacking-contest. link1

[ 6 ] Greenberg A. Inside the world’s highest-stakes industrial hacking contest [Internet]. San Francisco: Wired; 2020 Jan 23 [cited 2022 Jul 1]. Available from: https://www.wired.com/story/pwn2own-industrial-hacking-contest/. link1

[ 7 ] Rivero N. Why the cost of getting hacked is higher than ever [Internet]. New York City: Quartz; 2021 Jul 28 [cited 2022 Jul 14]. Available from: https:// qz.com/2039599/why-the-cost-of-getting-hacked-is-higher-than-ever/. link1

[ 8 ] Burgess M. Conti’s attack against Costa Rica sparks a new ransomware era [Internet]. San Francisco: Wired; 2022 Jun 12 [cited 2022 Jul 11]. Available from: https://www.wired.com/story/costa-rica-ransomware-conti/. link1

[ 9 ] Wilkie C. Colonial pipeline paid $5 million ransom one day after cyberattack, CEO tells senate [Internet]. New York City: CNBS; 2021 Jun 8 [cited 2022 Jul 1]. Available from: https://www.cnbc.com/2021/06/08/colonial-pipeline-ceotestifies-on-first-hours-of-ransomware-attack.html. link1

[10] Morrison S. How a major oil pipeline got held for ransom [Internet]. New York City: Vox; 2021 Jun 8 [cited 2022 Jul 1]. Available from: https://www.vox.com/ recode/22428774/ransomeware-pipeline-colonial-darkside-gas-prices. link1

[11] Russon MA. US fuel pipeline hackers ‘‘Didn’t mean to create problems” [Internet]. London: BBC News; 2021 May 10 [cited 2022 Jul 1]. Available from: https://www.bbc.com/news/business-57050690. link1

[12] Farrow R. How democracies spy on their citizens [Internet]. New York City: New Yorker; 2022 Apr 18 [cited 2022 Jul 1]. Available from: https:// www.newyorker.com/magazine/2022/04/25/how-democracies-spy-on-theircitizens. link1

[13] Mazzetti M, Bergman R. Defense firm said US spies backed its bid for pegasus spyware maker [Internet]. New York City: New York Times; 2022 Jul 11 [cited 2022 Jul 11]. Available from: https://www.nytimes.com/2022/07/10/us/ politics/defense-firm-said-us-spies-backed-its-bid-for-pegasus-spyware-maker. html. link1

[14] Ranger S. Cybersecurity: this is how much top hackers are earning from bug bounties [Internet]. New York City: ZDNet; 2020 Sep 22 [cited 2022 Jul 14]. Available from: https://www.zdnet.com/article/this-is-how-much-tophackers-are-earning-from-bug-bounties/. link1

[15] Fiscutean A. How Pwn2Own made bug hunting a real sport [Internet]. London: Dark Reading; 2022 May 19 [cited 2022 Jul 1]. Available from: https:// www.darkreading.com/edge-articles/how-pwn2own-made-bug-hunting-a-realsport. link1

[16] Ziemann F. Microsoft teams and Windows 11 hacked multiple times [Internet]. Dover: NewsABC; [cited 2022 Jul 1]. Available from: https:// newsabc.net/microsoft-teams-and-windows-11-hacked-multiple-times/. link1

[17] Chin M. How a university got itself banned from the Linux kernel [Internet]. New York City: The Verge; 2021 Apr 30 [cited 2022 Jul 1]. Available from: https://www.theverge.com/2021/4/30/22410164/linux-kernel-university-ofminnesota-banned-open-source. link1

[18] Brown E. Mozilla releases fixes for Firefox, Thunderbird vulnerabilities exploited during Pwn2Own Vancouver 2022 Hacking Contest [Internet]. New York City: iTech Post; 2022 May 25 [cited 2022 Jul 1]. Available from: https://www.itechpost.com/articles/110888/20220525/mozilla-releasesfixes-firefox-thunderbird-vulnerabilities-exploited-during-pwn2own-vancouver. htm. link1

[19] Goodin D. Pwn2Own is the perfect antidote to fanboys who say their platform is safe [Internet]. New York City: Ars Technica; 2014 Mar 14 [cited 2022 Jul 1]. Available from: https://arstechnica.com/information-technology/2014/03/ pwn2own-the-perfect-antidote-to-fanboys-who-say-their-platform-is-safe/. link1

[20] O’Neill PH. These hackers just showed how easy it is to target critical infrastructure [Internet]. Cambridge: MIT Technology Review; 2022 Apr 21 [cited 2022 Jul 1]. Available from: https://www.technologyreview.com/2022/ 04/21/1050815/hackers-target-critical-infrastructure-pwn2own/. link1

[21] Keizer G. Three-time Pwn2Own winner knocks hacking contest rules [Internet]. Needham: Computerworld; 2011 Feb 28 [cited 2022 Jul 1]. Available from: https://www.computerworld.com/article/2506261/threetime-pwn2own-winner-knocks-hacking-contest-rules.html. link1

Related Research