Last year, hackers demonstrated that they can take over the controls of a Jeep Cherokee by using nothing but a laptop. This worried the automobile manufacturer, Fiat Chrysler NV very much. To resolve the cyber security issue, the company has come up with a slightly innovative solution. The company has launched a program to pay hackers when they unveil a potential loophole in the cyber security of the vehicle.
The company’s bug bounty program promises to pay hackers between $150 to $1500 for uncovering any potential cyber security flaw and alerting the company. In order to run this program, the company has employed the services of Bugcrowd Inc., which is a San Francisco-based company that runs bug bounty programs and then compensates hackers who are willing to collaborate with the company to bridge the potential security gaps.
Bugcrowd already runs a similar program for the electric-car makers, Tesla Motors Inc. Tesla employed the services of this organization when security researchers found an effective way to shut down a Tesla Model S by tapping into the car’s entertainment system. Tesla addressed the problem by issuing a security fix patch.
Fiat Chrysler, the Italian-US automaker was caught off guard last summer, when researchers demonstrated that they could tap into the car and seize control with the aid of nothing but a laptop. The phenomenal thing in this demonstration was the fact that the laptop was miles away from the vehicle’s wireless communications system. The issue was promptly fixed; however, it raised many questions and concerns about the safety standards of the growing number of internet-connected cars.
Automakers are constantly working in improvising and enhancing the car capabilities by offering additional electronics in vehicles with the aim to provide much more ease in communication and safety. However, this development has opened up a potential avenue for cyber criminals as they have been successful in targeting cars with ransomware; locking the individual out of their car’s functionality. The ransomware persists till the individual makes a payment and gains the encryption key.
Due to the rising trend, several car companies have jumped in with their own cyber security teams that work tirelessly to fix potential loopholes and make the car prone to hacking threats. Although bug bounty programs are common in many corporations, however, the auto sector has been relatively slow in comparison to others in developing a proper payment scheme for hackers who voluntarily disclose potential threats.