Fiat Chrysler Offers $150-1,500 'Bug Bounty' To Hackers Who Detect Cybersecurity Flaws
Fiat Chrysler Automobiles NV (NYSE: FCAU) is offering a bounty of up to $1,500 for hackers who find cybersecurity flaws in its vehicles.
FCA US LLC announced the launch of a public "bug bounty" program on the Bugcrowd platform via press release Wednesday.
"Bugcrowd manages all reward payouts, which are scaled based upon the criticality of the product security vulnerability identified, and the scope of impacted users. A reported vulnerability could earn a bug bounty of $150 to $1,500," the press release read.
The rewards program follows the remote control and hack of Fiat Chrysler's Jeep Cherokee, which lead to a recall of 1.4 million vehicles last year.
"There are a lot of people that like to tinker with their vehicles or tinker with IT systems," said Titus Melnyk, senior manager, security architecture, FCA US LLC, in a statement. "We want to encourage independent security researchers to reach out to us and share what they've found so that we can fix potential vulnerabilities before they're an issue for our consumers."
The automaker said, "The Bugcrowd program gives FCA US the ability to identify potential product security flaws; implement fixes and/or mitigating controls; and improve the safety and security of its vehicles and connected services."
"Exposing or publicizing vulnerabilities for the singular purpose of grabbing headlines or fame does little to protect the consumer," Melnyk elaborated. "Rather, we want to reward security researchers for the time and effort, which ultimately benefits us all."
Automakers offering such bounty programs highlight their concerns on security as they are adding more automation and connectivity features into the vehicles.
For more information, click the following links:
- FCA & Bugcrowd soundbites: https://youtu.be/LEyYDwXJDMc
- Bugcrowd – How it Works: https://youtu.be/-HT0bwStn9I
Did you like this article? Could it have been improved? Please email email@example.com to let us know!
© 2017 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.