• Are You A Hacker? FCA Will Pay You To Expose Security Risks

More manufacturers need to get on board with this ASAP

Hackers often get a pretty bad rap, as they are often advertised as bad people who take advantage of security vulnerabilities for their own gain, often stealing personal information or other valuable data. But, not all of them are bad. In fact, there are a number of Fortune 500 companies like AT&T and United Airlines pay "ethical hackers" to expose vulnerabilities within their systems. In the automotive world, the most prominent company that takes this approach is Tesla, who pays anywhere between $100 and $10,000 to anyone who finds and reports any vulnerabilities. Now, FCA is offering up a similar program, albeit with some limitations.

It’s been a year since professional hackers publicly exploited ta cellular vulnerability that allowed them to remotely manipulate a 2015 Jeep Cherokee – something that opened everyone’s eyes to the potential danger of having cars that are increasingly becoming smarter and more connected. To help prevent similar vulnerabilities in the future, FCA is now offering up between $150 and $1,500 to anyone who notifies them of security flaws through a program on bugcrowd.com. There is a stipulation, though, as the company will only pay for vulnerabilities found in its Uconnect system and owner websites.

Titus Melnyk, FCA’s Senior Manage for Security Architecture, said, “There have been a number of things where people have reached out to us through customer care and other contact methods where they highlighted things that were of interest.” He continued, saying that the bugcrowd program is “just a nice, official way to make it easier for people to contact us and know what we’re really interested in.”

So, there you have it. If you’re technologically inclined or a “hacker” help keep FCA cars safe from security risks and make a little money while you’re doing it.

Continue reading for the full story.

Why it matters

I think it’s great FCA is finally on board with a program like this. So far, Tesla has paid out at least 132 bounties to hackers – according to bugcrowd – and I have a feeling that FCA will be paying out some bounties pretty soon itself. Security vulnerabilities have been a risk since the internet came into existence, and now that just about every new car worth having has internet connectivity, it’s something manufacturers need to take seriously. It will become increasingly important that manufacturers remain vigilant as our cars continue to evolve. We can only hope that other manufacturers follow the example set forth by Tesla, FCA, and the other Fortune 500 companies that are willing pay for exposed vulnerabilities. Just think, once we perfect self-driving cars, one little vulnerability could turn deadly on a massive scale at the whim of someone with the right know-how. Pretty scary, huh?

Jeep Cherokee

2015 Jeep Cherokee - Driven High Resolution Exterior
- image 628267

Read our full review on the Jeep Cherokee here.

Source: Autoguide

Robert Moore
Robert Moore
Editor-in-Chief and Automotive Expert - robert@topspeed.com
Robert has been an auto enthusiast his entire life. He started working cars at a young age, learning the basics from his father in the home garage on the weekends. As time went on, Robert became more and more interested in cars and convinced his father to teach him how to drive when he was just 13 years old. Robert continued working on cars in his free time and learned as much as he could about engines, transmissions, and car electrical systems, something that only fed his curiosity more and eventually led him to earn a bachelors degree in automotive technology with a primary focus on engine performance and transmission rebuilding.  Read full bio
About the author
What do you think?
Show Comments
Car Finder: