Fiat Chrysler is joining a list of companies offering hackers the chance to cash in on bugs they find in products. The reward? Between $150 and $1,500, depending on the security flaw they uncover in one of the automaker’s Jeeps, Ram trucks or other models.
“There are a lot of people that like to tinker with their vehicles or tinker with IT systems,” said Titus Melnyk, a senior security manager at Fiat Chrysler. “We want to encourage independent security researchers to reach out to us and share what they’ve found.”
FCA’s goal is simple: To find flaws in its vehicles before they might lead to a costly recall and tarnish the brand’s image. Last year, the company was forced to recall 1.4 million vehicles and update its software after security researchers hacked into a Jeep Cherokee’s entertainment system and took control of the vehicle remotely.
The high-profile demonstration, meant to show a reporter for Wiredmagazine how hackers can take control of vehicles they are not riding in, was an embarrassing incident for Fiat Chrysler. It also sparked a wider discussion about the cybersecurity of vehicles that are increasingly connected to the outside world through data networks.
“Car manufacturers have the opportunity to engage the community of hackers that is already at the table and ready to help,” said Casey Ellis, founder and CEO of Bugcrowd. His firm is working with FCA on the hacking event.
FCA isn’t the only company that has hired hackers to make its cars safer. Last year, Uber hired the duo that remotely hacked into the Jeep Cherokee.
FCA’s bug bounty promotion comes a week before automotive leaders meet in Detroit to discuss how the industry can improve vehicles’ security. Automakers maintain their vehicles are safe and the right safeguards are in place to prevent hackers from gaining control of vehicles.
Questions? Comments? BehindTheWheel@cnbc.com.