Fiat Chrysler rewarding hackers in boosted safety push
In a move that further highlights the closing gap between cars and technology, Fiat Chrysler Automobiles (FCA) is now offering financial incentives to hackers that successfully expose flaws in the company’s software systems.
Using a third-party code-sharing platform called BugCrowd, FCA is offering bounties between $150 and $1500 to participants who identify security gaps in vehicle and customer-facing software architecture.
It’s not a new concept. Software companies and large corporations often enlist the services of computer hackers to test the vulnerability of software and connectivity services – although few make a point of it so openly.
In the automotive industry, Tesla has used BugCrowd for some time and has reportedly paid over 130 ‘rewards’ to hackers that have found issues with its data security.
With increasing use of connected and mobile software services in cars, this type of program is becoming fundamental to the development of such systems.
In 2015, in a collaboration with Wired magazine, a team of professional hackers were able to remotely access a Jeep Cherokee through a flaw in the uConnect infotainment system. Through the hack, the team were able to control core vehicle functions – including the transmission and brakes.
FCA quickly issued a software patch to address this system, which did not affect any Australian-market cars, but the project highlighted the need to put a stronger emphasis on software security for all manufacturers.
So if you are handy with a laptop and have caught enough Pokémon for the day, then jump onto BugCrowd and have a crack at a hack.