Fiat Chrysler Will Give You Cash to Find Cyber Threats

Steph Willems
by Steph Willems

In a few weeks, after Pokémon Go jumps the shark and we all head back to our homes for nights of solitude, Fiat Chrysler Automobiles will offer another opportunity for high-tech geekery. And a lucrative one, too.

Announced today, the automaker will hand tech-savvy individuals cold, hard cash in return for information on weaknesses in its vehicles’ cybersecurity. Exposing a hidden backdoor that hackers could sneak through will net you up to $1,500.

FCA says the industry-first “bug bounty” program is open to anyone — vehicle owners, IT professionals, IT…enthusiasts? — and is designed to guard the safety of its vehicle systems and connected services. Tips can be sent to the automaker via the Bugcrowd platform. (The automaker explains the process in a YouTube video.)

“Exposing or publicizing vulnerabilities for the singular purpose of grabbing headlines or fame does little to protect the consumer,” stated Titus Melnyk, FCA’s U.S. senior manager of security architecture, in a release. “Rather, we want to reward security researchers for the time and effort, which ultimately benefits us all.”

Bugcrowd manages the reward payout, which varies depending on the seriousness of the weakness discovered. The starting “bug” price is $150. Bugcrowd CEO Casey Ellis said FCA’s program will “engage the community of hackers that is already at the table and ready to help.”

Last year, hackers exposed a weakness in FCA’s Uconnect infotainment system that allowed them to commandeer a Jeep Grand Cherokee as it drove down a Missouri highway. The flaw was so troubling, FCA recalled 1.4 million vehicles to install a software patch.

Steph Willems
Steph Willems

More by Steph Willems

Comments
Join the conversation
4 of 10 comments
  • Art Vandelay Art Vandelay on Jul 13, 2016

    That is pretty low for a zero day exploit. Any significant vulnerability against a vehicle would likely be worth significantly more.

  • Shaker Shaker on Jul 14, 2016

    P0kem0n G0 is the bigger virus, it will infiltrate our idiocracy, and may cause more deaths than Autopilot - why? Because business has found that it's a fantastic way to *physically* lure drones to their business lairs. So, which car company will actually integrate the P0kem0n G0 app into their nav system? Stay Tuned...

  • Tosh Tosh on Jul 14, 2016

    Now that's a cry for help if I ever heard one.

  • 05lgt 05lgt on Jul 14, 2016

    So, just to be *wrong* about this: FCA will pay "up to" $1,500 to expose their hidden back door. Damnit Sergio, no means no!

Next