TECH: Fiat Chrysler Offers Bounties to Hackers Who Help

Posted by

200 uconnect

Our vehicles are increasingly becoming computers on wheels, which means they are wide open to hackers.

It’s scary enough to think of someone hacking your phone or computer, but it’s terrifying to think someone might hack your car and cause you and your loved ones physical harm. Fiat Chrysler Automobiles (FCA) wants hackers to do their darndest to find flaws in their vehicles and will pay them to share the results.

Tesla does this already, but FCA will be the first mass-market company to turn to those with the skills to cause trouble in an effort to find security flaws and fix them before they’re exploited. Those who do find a problem will get between $150 and $1,500 for their efforts. If you find an issue with a Tesla, then they’re more generous with up to $10,000 offered.

Looking for a new or used car? Check out BestRide’s listing search here.

It was a year ago when two professional hackers, Charlie Miller and Chris Valasek, managed to hack a 2014 Jeep Cherokee. They didn’t simply access the car’s infotainment. They took control with a willing journalist at the wheel as a guinea pig.

The two messed with all the car’s systems, including the steering and throttle so that the journalist was left at their mercy. Since they weren’t looking to cause trouble and it was only a staged test to show the problem, no one was hurt. The results could have been far different if the hackers were truly malicious.

FCA took quick action and released a patch that fixed the problem, but that isn’t the end of the story. Instead, it’s the beginning. It made the public aware of the danger and brought the security of all our cars into question.

They will now be using bugcrowd to let hackers submit security flaws. The company is focusing on systems that work with FCA vehicles like Uconnect. This doesn’t mean they’re giving up on internal efforts but rather are trying to improve the overall process.

Chances are good that other automakers will follow in the footsteps of FCA and Tesla. General Motors partnered earlier this year with HackerOne for crowdsourced security testing, a step in a similar direction as the bounty system. They decided to seek help after a hacker unlocked and started the engine of a Chevrolet Volt. According to DetroitNews, over 200 reported issues have been resolved through the partnership.

Looking for a new or used car? Check out BestRide’s listing search here.

Cars aren’t going to become less computerized. Consumers demand connectivity and won’t be satisfied with cars that fall short. They’re also demanding those systems be secure. Turning to hackers for the answers is one way automakers can provide that security.

Nicole Wakelin

Nicole Wakelin