Last year hackers showed that they could control a moving jeep. Moreover, now Fiat Chrysler Automobiles has come up with a method to motivate the hackers to find security flaws in their automobiles; by paying them.
In this Bug Bounty program, the Italian-U.S. automaker will be paying between $150 to $1500 to those hackers, who will find out potential security flaws and alert the company every time. The automaker has also established ties with a San Francisco-based company, Bugcrowd Inc., which supports hackers who are willing to find out and fill the security gaps.
It is noteworthy that Bugcrowd Inc. already runs a program for Tesla Motors Inc. Last year Tesla was victimized by a high-profile security hack, where computer security experts made a revelation that they could effectively power down a Tesla Model S by hacking into its entertainment system. Later, Tesla managed to fix the issue with some patch work.
Fiat Chrysler has been witness to the same kind of story when last summer two researchers were able to control a moving Jeep Cherokee with the help of a laptop from miles away, by hacking into the vehicle’s wireless communication system. Fortunately, the company fixed the issue through a vehicle recall and software patch procedure, but the event raised suspicion about the safety & security of internet connected cars on the road.
Where on one hand the automobile makers are packing their vehicles with more electronics and software to provide better safety gears, information sharing and communication capabilities to their buyers. On the other hand, such developments have put the vehicle at a greater threat of cyber-attacks, where the cyber-criminals will target the vehicles for data stealing schemes and for several kinds of ransomware.
However, to tackle such issues the automobile makers has tightened their software security standards and have also come with cyber security teams, who are given the only task of making the vehicle capable of withstanding hacking threats. Although, American Corporations have long adopted Bug Bounty programs, the automobile sector has been relatively slow in adopting such measures for identifying security flaws and in giving payouts to those who successfully detect flaws.
General Motors Co. is running one of its kind voluntary hacking disclosure programs, where hackers can volunteer information on their website hackerone.com.