Reward Payouts Prevent Hacks
In the last three years, the Google tech team reported 376 bugs, which accounted for 2019, 2020, and 2021. Most of the issues were quickly fixed by Google’s vendors within the standard 90-day deadline, which amounts to 351 or 93.4%. However, no explanation was given why no remedial updates were rendered to the other 14 or 3.7% of the reported bugs.
Project Zero’s Ryan Schoen reported on the patching of the Zero-day bug, according to each tech company disclosure policy. The industry standard of quickly fixing these critical vulnerabilities was documented in this Project Zero blog post.
The Zero-day bugs have left tech giants like Microsoft, Google, Samsung, and Apple scrambling to release patches to fix the critical vulnerabilities. However, these are a few consumer brands found with critical bugs. These vulnerabilities easily bypass the Multi Factor Authentication protocol that is available in all tech gadgets. To fix the problems, patches must be quickly made available. But if no immediate fix is applied, it allows dark web hackers to hack into the devices found with Zero-day bugs. Hackers are renowned to used hacked gadgets to launch malicious codes in their hacking attack campaigns.
Heavy Investment Thwart Hackers
In the tech company’s effort to protect its consumers against dark web hacking groups notorious for crippling hacking attacks, the organization invested heavily in its technical staff and rewards programs.
Google stated that the company has invested heavily in 2021 in its cyber security program. The tech company paid $8.7 million to security researchers with its Vulnerability Reward Programs (VRPs).
The tech giant massive investment in its products for Chrome VRP includes Google Chrome, as well as the security for many Chromium browsers. Reportedly, Google received 333 bugs reports and paid $3.3 million, in addition to $45,000 associated with a Chrome OS flaw report.
The Google Android VRP double its reward program in 2020, with $3 million paid for Zero-day Bug reports. Also, $157,000 was paid for a discovered exploit chain – the highest paid Android reward.
Above all, it is always said that one good turn deserves another. With that in mind, the ethical hackers that supported the Google rewards program donated over $300,000 of the money paid to them to their favorite charities.