Fiat-Chrysler Not Only Wants to Be Hacked, It Will Pay $1,500
The automaker, which recalled 1.4 million vehicles over a steering hack,
has teamed with a private cybersecurity company to pay bounties.
Auburn Hills, MI — If you’ve got a knack for hacking into software,
Fiat Chrysler Automobiles wants you to have it, on the right side of t
he law and with a lucrative cash incentive.
Fiat Chrysler Automobiles wants you to have it, on the right side of t
he law and with a lucrative cash incentive.
The Auburn Hills-based automaker said Wednesday it is offering up
to $1,500 bounties to white-hat hackers who are able to permeate
firewalls and identify potential security issues with their vehicles
and software systems.
to $1,500 bounties to white-hat hackers who are able to permeate
firewalls and identify potential security issues with their vehicles
and software systems.
FCA is not the only automaker looking outside the company for help,
but its problems security issues are some of the most infamous.
but its problems security issues are some of the most infamous.
After hackers were able to remotely break into certain Jeep, Dodge
and Chrysler vehicles and control their steering wheels from afar
last year, the automaker recalled 1.4 million vehicles to fix the defect.
FCA also faces a huge class action suit.
and Chrysler vehicles and control their steering wheels from afar
last year, the automaker recalled 1.4 million vehicles to fix the defect.
FCA also faces a huge class action suit.
The bounties, which range from $150 to $1,500, are offered for
each legitimate security flaw uncovered through a program managed
by the crowd-sourced cybersecurity company Bugcrowd.
each legitimate security flaw uncovered through a program managed
by the crowd-sourced cybersecurity company Bugcrowd.
“Bugcrowd will do the initial triage,” Titus Melnyk, FCA US’s senior
security manager, said in a YouTube video announcing the program.
security manager, said in a YouTube video announcing the program.
“The most important thing is if someone does report a vulnerability
to us — that we vet out — we want to reward that person, which is
why we’re going with a paid bounty program,” Melnyk said.
to us — that we vet out — we want to reward that person, which is
why we’re going with a paid bounty program,” Melnyk said.
The goal isn’t just to identify security threats like the steering hack,
but also help FCA write better code and demonstrate to the market
that it serious about cybersecurity, Bugcrowd co-founder and CEO
Casey Ellis said in the video.
Tesla Pays $10,000 Bounties
Bugcrowd also runs Tesla’s bug bounty program, but offers up
to $10,000 to hackers who find credible vulnerabilities.
to $10,000 to hackers who find credible vulnerabilities.
Another Big Three automaker,
General Motors, is working with
HackerOne to identify risks that
could allow unauthorized access to
its vehicles, though it isn’t paying
for the information.
General Motors, is working with
HackerOne to identify risks that
could allow unauthorized access to
its vehicles, though it isn’t paying
for the information.
Jeff Massimilla, the automaker’s
chief product cybersecurity officer,
said that “outside of academic research,
we are not aware of any successful
intrusion through a wireless
entry point to obtain control of any
GM vehicle or customer data.”
chief product cybersecurity officer,
said that “outside of academic research,
we are not aware of any successful
intrusion through a wireless
entry point to obtain control of any
GM vehicle or customer data.”
HackerOne is a bug detection program opened to the public by Uber.
Collin Greene, an Uber security engineer at Uber who manages the
program and was one of the architects of Facebook’s bug bounty
program, told Fortune “it’s an exciting way to get people locked in.”
program and was one of the architects of Facebook’s bug bounty
program, told Fortune “it’s an exciting way to get people locked in.”
United Airlines has also invited hackers to try to crack firewalls.
Depending on the level of the security threat, the “good guy”
hackers could get up to 1 million frequent flier miles.
Depending on the level of the security threat, the “good guy”
hackers could get up to 1 million frequent flier miles.
Images: Shutterstock and, above, Getty Image
No comments:
Post a Comment
Thanks for commenting. Your comments are needed for helping to improve the discussion.