18:13 GMT29 November 2020
Listen Live
    Tech
    Get short URL
    0 56
    Subscribe

    United Airlines has followed in the steps of IT companies that reward Internet users for spotting web security breaches, giving away millions of frequent flyer miles to two cyber experts for uncovering the carrier’s website flaws.

    In what appears to be an unprecedented case in the US airline industry’s history, two hackers were awarded one million miles each for privately disclosing to company specialists information about United’s website’s security gaps.

    Jordan Wiens, owner of security firm Vector 35, says he was the one who reported United's web-security breaches to the company, pointing out weaknesses that could allow hackers to seize the company’s website. The carrier, however, hasn’t confirmed this information.

    United Continental Holdings Inc. runs a "bug bounty” program that rewards Internet users who report security holes straight to the company rather than sharing the “flops” online. This arrangement costs the airline less than hiring high-profile consultants. Some experts are calling the program a “big step forward for online security.”

    "Schemes like this reward hackers for finding and disclosing problems in the right way. That makes the internet safer for all of us," security consultant Dr. Jessica Barker told BBC News.

    Giants in the IT industry such as Yahoo, Google and Facebook are well known for using similar “bug bounty” programs. They also forbid hackers from revealing what kind of problems the company had after they’re rewarded.

    "Bug bounties are common in tech companies as they tend to understand online security a bit more, but other industries are catching up," Barker said.

    United announced the launch of the program in May. At least two cybersecurity disasters have befallen the carrier, including an incident in which operators were locked out of its reservations system, hampering the ability of travelers to check in for flights, and another in which the functionality of the software United uses to dispatch its flight plan was zapped.

    Related:

    Over 60% of US Citizens Say Government Does Little to Ensure Cyber Security
    US Companies to Share Info Under New Cyber Security Proposal: White House
    US Should Consider Significant Cyber Security Reforms: Congresswoman
    Tags:
    bugs, cyber security, hackers, Google, United Airlines, Facebook, Yahoo, US
    Community standardsDiscussion