North American Automaker Launches Vehicle Cyber Security Bug Bounty Program
FCA US offers financial reward for discovery of cyber vulnerabilities
Earlier this month, a major North American automaker launched a bug bounty program dealing specifically with vehicle cyber security.
FCA US, which is headquartered in Auburn Hills, MI and is a member of the Fiat Chrysler Automobiles (FCA) family of companies, announced the opening of a public "bug bounty" program that offers financial rewards to hackers who locate and specify potential vehicle cybersecurity vulnerabilities.
Launched in association with Bugcrowd, a company known for enabling crowdsourced security testing, the goal of the program is, according to FCA, to "enhance safety and security of FCA US consumers, their vehicles and connected services."
— FCA-North America (@FiatChrysler_NA) July 13, 2016
Bounties up to $1,500 per bug
The program is set up to pay hackers who locate specific security holes up to $1,500 per bug. The amount of the bounty will depend on both the impact and severity of the discovered vulnerability.
With connectivity technology increasingly -- and quickly -- becoming a major component of modern vehicles, FCA feels that opening up this public bounty program with serve to protect the drivers of its vehicles.
"The safety and security of our consumers and their vehicles is our highest priority," -- Sandra Hosler, FCA US LLC
Increased focus on vehicles and cyber security
The combination of vehicles and cyber security has been creating a few headlines recently.
Back in April, the Government Accountability Office (GAO) -- a government watchdog group -- urged the DOT to address vehicle cyber security, warning that modern vehicles are quickly becoming more vulnerable to cyber attacks.