The FCA bug bounty program launched today offers financial rewards for the discovery of potential insecurities in vehicle cybersecurity. Released on the Bugcrowd platform, a crowdsourced community of cybersecurity researches, FCA hopes independent researchers will see the rewards as incentive to seek out security weaknesses in FCA vehicles.
Bugcrowd will manage the payments, determining the level of payment on a scale from $150 to $1,500 depending on the severity of the exposed weakness. FCA believes this is the most effective way to find vulnerabilities in their security, saying that cars these days are “basically a two ton computer,” according to Bugcrowd CEO Casey Ellis. FCA is the first automaker to partner with the company in order to expose security risks.
FCA prioritizes the safety of customers’ information above all else, according to Sandra Hosler, cybersecurity system responsible at FCA US. The company always goes above and beyond to protect the customers’ information as quickly as possible.
Last year, FCA contacted individual customers during a security breach associated with some radios and managed to completely cut the devices off from possible hacker invasion. Instead of immediately issuing a recall and doing nothing else, which could’ve taken months, FCA officials were proactive and kept customers’ information from being accessed immediately. This is also the goal of the bug bounty program, and FCA hopes other automakers follow in its footsteps.