Last week in Las Vegas, Apple announced that it is increasing the prize find for its bug bounty program from $200,000 to $1 million in an effort to improve security and safety practices for its MacOS.
Big tech companies often use bug bounty programs to encourage tech geniuses and young computer whiz kids to find flaws in their systems by trying to hack into them, with big cash prizes for those that get through. The first was introduced in 1983 by Hunter & Ready to find bugs in its operating system, with the prize being a new Volkswagen.
In 2018, Verizon paid $5 million to hackers, while Microsoft offers prizes of up to $250,000. Facebook and AT&T have no limits to their prize funds, which could still cost them less than hiring a professional security-auditing firm.
The tactic has even been employed by the US Government. In 2016, President Obama’s message to “hack the pentagon” resulted in 250 hackers finding 138 system flaws. The pentagon paid these hackers a total of $150,000. Secretary of Defense at the time, Ashton Carter, was reported as saying that the government would have needed an extra $850,000 to hire a professional security company.
As awareness of the importance of data privacy and the implication of a breach rises, and governments introduce legislation and fines for companies that do not adequately protect themselves, hackers may find themselves coming out of the shadows to earn a very lucrative living.