FCA To Start Rewarding "Bug Busters"
"White hat" hackers—the folks hacking for good purposes, not nefarious ones—will be paid between $150 and $1,500 for each legitimate security flaw through a bug bounty program managed by Bugcrowd, a crowd-sourced cybersecurity company. Bugcrowd, which is backed by several venture capital and private equity firms, raised $15 million in a Series B funding round in April.
Millions of so-called connected cars and trucks are on roads today, and that’s a potentially huge cybersecurity hole if hackers find weaknesses and choose to exploit them. "Connected car" is a loose term that, in general, refers to cars with in-vehicle systems connected to the Internet. These systems give hackers multiple entry points to gain remote access to a connected car, for example through the software that operates the in-car entertainment, navigation, and advanced driver assistance systems.
The end goal is to not only find the bugs, but ultimately help Fiat Chrysler write better code. Yet FCA isn’t the only company, or automaker, to offer cash to hackers. Tesla’s bug bounty program, which is also run by Bugcrowd, pays up to $10,000 to hackers who find credible vulnerabilities.
General Motors quietly launched a program in January to connect the company with white hat hackers. Hackers who find security bugs or vulnerabilities can inform GM through a secure website portal hosted by HackerOne, a venture-backed security startup based in San Francisco that originally spun out of Facebook. At launch, the GM program wasn’t paying hackers (or "researchers," as they’re sometimes called). That could change, GM Cybersecurity Chief Jeff Massimilla said at the time.