Fiat-Chrysler said it has launched a bug bounty program that invites hackers to find cybersecurity flaws in the automaker’s vehicles.
With cars becoming smarter and smarter as connectivity features rapidly advance, security concerns have unavoidably increased. To find and fix system glitches in its cars and connected services, Fiat Chrysler has proposed a very interesting program, through which hackers have been invited to show their skills. The public bug bounty idea is managed by the Bugcrowd platform, which runs programs for a range of companies including Tesla, and a reported vulnerability could earn the “friendly” hacker from 150 to 1,500 dollars.
“Exposing or publicizing vulnerabilities for the singular purpose of grabbing headlines or fame does little to protect the consumer,” Titus Melnyk, senior manager – security architecture for FCA, said. “Rather, we want to reward security researchers for the time and effort, which ultimately benefits us all.”
FCA become last year the first company in the world to recall vehicles because of a car hacking threat. The vulnerability uncovered at that time by Wired Magazin led to a 1.4-million-vehicle callback to prevent the use of a wireless connection to gain control of the cars.
“Automotive cybersafety is real, critical, and here to stay. Car manufacturers have the opportunity to engage the community of hackers that is already at the table and ready to help, and FCA US is the first full-line automaker to optimize that relationship through its paid bounty program,” Casey Ellis, CEO and founder of Bugcrowd, said.