wehearthackers-logo

The #WeHeartHackers initiative

#WeHeartHackers connects independent security researchers with industry, to collaborate, assess, and address potential issues that could cause harm to human life, public safety, and public trust.

Developed by industry and the security research community with support from federal government partners, the #WeHeartHackers initiative acts as a public private partnership that accelerates security maturity across and within critical infrastructure sectors.

In 2019, #WeHeartHackers saw 10 medical device makers pledge high-trust collaboration with the security researcher community. These industry partners provided security researchers with more than 30 medical devices, learning adversary tactics and improved security approaches. Among other output, research from this event contributed to FDA and DHS communications about critical infrastructure, coordinated first with the affected companies.

The #WeHeartHackers initiative is expanding to other sectors in 2020 with the help of DHS, sector specific agencies, such as the FDA, industry partners and other security researcher-led non-profit organizations to galvanize support from critical infrastructure manufacturers. We welcome those who support good faith cybersecurity research to ensure we are safer, sooner, together.

Tweet #WeHeartHackers

Join #WeHeartHackers

At future events – like @Defcon – we encourage manufacturers to increase engagement with the cyber research community through device demos and our #wehearthackers event. This demonstrates a company’s commitment to cyber principles: Trustworthiness. Transparency. Resilience.

— FDA Commissioner, Scott Gottlieb, M.D. (@SGottliebMD) January 29, 2019

The US Food and Drug Administration, the non-profit Biohacking Village, and I Am The Cavalry call on medical device and clinical system manufacturers to improve the cybersecurity of global healthcare by committing to:

Collaborate with cybersecurity researchers, acting in good faith, who report potential vulnerabilities,
Officially attend the Biohacking Village: Device Lab at DEF CON 28,
Provide medical devices for testing,
Assess, disclose, and mitigate potential cybersecurity vulnerabilities identified, and
Invite your peers to do the same.

“Govt needs to wake up and realize software is in everything, and that the provenance that we have of our systems has to start with that root individual component...I think DEF CON can be a great platform to find those things...My hope is to bring the ethical hacker community into our design process...

— Assistant Secretary of the Air Force for Acquisition, Technology and Logistics US Air Force, Dr. Will Roper, December 11, 2019

“...States are encouraged to set up appropriate mechanisms for cooperation with ‘good faith’ security research, which is research activity carried out in an environment designed to avoid affecting the safety, security and continuity of civil aviation.”

— Aviation Cybersecurity Strategy, International Civil Aviation Organization, October 2019.

The complexity of the aerospace ecosystem requires cooperation across numerous entities, such as:

Air/Spacecraft Manufacturers
Air/Space Ports
Air Traffic Control
H/W & S/W Suppliers
Navigation Systems
Ground, Air, Satellite Communications & Monitoring Networks

The Aerospace Village calls on stakeholders from industry, academia, and the security research communities to follow the #WeHeartHackers model by committing to:

Collaborate with cybersecurity researchers, acting in good faith, who report potential vulnerabilities,
Officially participate in the Aerospace Village at DEF CON 28,
Provide aerospace devices for testing,
Assess, disclose, and mitigate potential cybersecurity vulnerabilities identified, and
Invite peers to do the same.

Coming soon...

</container>

View on GitHub