FCA US Launches 'Bug Bounty' Program to Advance Vehicle Cybersecurity

Main Navigation

Advertisement
Social Connect
Resources
Our Brand Family
BodyShop Business - Babcox Media
The information source for the collision repair industry.
News

FCA US Launches ‘Bug Bounty’ Program to Advance Vehicle Cybersecurity

Automaker is encouraging independent security researchers to find potential vulnerabilities in their connected car technology so they can fix them before they become problems for consumers.

BodyShop Business Staff Writers
By BodyShop Business Staff Writers
Published:

FCA-logoFrom aftermarketNews.com

Related Articles

To address the rapidly increasing convergence between connected technology and the automotive industry, FCA US LLC has announced the launch of a public “bug bounty” program on the Bugcrowd platform to enhance the safety and security of its consumers, their vehicles and connected services.

“There are a lot of people who like to tinker with their vehicles or tinker with IT systems,” said Titus Melnyk, senior manager – security architecture, FCA US LLC. “We want to encourage independent security researchers to reach out to us and share what they’ve found so that we can fix potential vulnerabilities before they’re an issue for our consumers.”

The FCA US bug bounty program leverages Bugcrowd’s crowd-sourced community of cybersecurity researchers to promote a public channel for responsible disclosure of potential vulnerabilities. FCA US said it believes the program is one of the best ways to address the cybersecurity challenges created by the convergence of technology and the automotive industry. The Bugcrowd program gives FCA US the ability to: identify potential product security vulnerabilities; implement fixes and/or mitigate controls after sufficient testing has occurred; improve the safety and security of FCA US vehicles and connected services; and foster a spirit of transparency and cooperation within the cybersecurity community.

“Exposing or publicizing vulnerabilities for the singular purpose of grabbing headlines or fame does little to protect the consumer,” said Melnyk. “Rather, we want to reward security researchers for the time and effort, which ultimately benefits us all.”

Bugcrowd manages all reward payouts, which are scaled based upon the criticality of the product security vulnerability identified, and the scope of impacted users. A reported vulnerability could earn a bug bounty of $150 to $1,500.

“Automotive cybersafety is real, critical and here to stay. Car manufacturers have the opportunity to engage the community of hackers that is already at the table and ready to help, and FCA US is the first full-line automaker to optimize that relationship through its paid bounty program,” said Casey Ellis, CEO and founder of Bugcrowd. “The consumer is starting to understand that these days, the car is basically a two-ton computer. FCA US customers are the real winners of this bounty program; they’re receiving an even safer and more secure product both now and into the future.”

FCA US said it may make research findings public, based upon the nature of the potential vulnerability identified and the scope of impacted users, if any. Last year, FCA US contacted customers about a potential vulnerability associated with certain radios, provided the software update and permanently closed remote access to the open port on the radio, eliminating the risk of any long-range remote hacking – all before issuing a recall.

“The safety and security of our consumers and their vehicles is our highest priority,” said Sandra Hosler, cybersecurity system responsible, FCA US LLC. “Building on a culture of safety, FCA US has developed a cross-functional team comprised of engineering, safety, regulatory affairs and connected vehicle specialists who are dedicated to collaboration and engagement with a wide range of industry professionals to build security into our vehicles and products by design.”

You May Also Like

Consolidators

Crash Champions Expands to Great Falls, Montana

Crash Champions has announced the successful acquisition of Mitchells’ Crash Repair, Flawless Auto Body and 3 Way Auto Body.

Jason Stahl
By Jason Stahl
Jason Stahl has 30 years of experience as an editor, and has been editor of BodyShop Business for the past 18 years. He currently is a gold pin member of the Collision Industry Conference. Jason, who hails from Cleveland, Ohio, earned a bachelor of arts degree in English from John Carroll University and started his career in journalism at a weekly newspaper, doing everything from delivering newspapers to selling advertising space to writing articles.
Published:

Crash Champions has announced the successful acquisition of three local repair centers in Great Falls, Mont.: Mitchells’ Crash Repair, Flawless Auto Body and 3 Way Auto Body. The three local repair centers transitioned operations to Crash Champions effective April 22. 

“We are certainly proud to continue expanding the Crash Champions footprint across Montana,” said Matt Ebert, founder and CEO of Crash Champions. “Beginning service to the Great Falls community is another strategic step in that momentum. Each of these local teams have earned a reputation for high-quality repairs and an attention to best-in-class customer service. We’re proud to welcome them to the team and look forward to serving Great Falls, now under the Crash Champions brand.”

Read Full Article

More News Posts
Car ADAS Solutions Announces New Licensee in California

Car ADAS Solutions has announced ADAS Vision as a new licensee in Imperial, Calif.

By Jason Stahl
GM Customer Care and Aftersales Celebrates National Skilled Trades Day

General Motors CCA celebrates the more than 43,500 skilled auto technicians across its dealerships as well as the more than 1,100 students currently on the path to joining the industry through its various programs.

By Jason Stahl
Fix Network World Apprenticeship Program Celebrates First Graduate

The Fix Network Apprenticeship Program is the first automotive glass apprenticeship in the U.S., and Duran is the first graduate.

By Jason Stahl
Car ADAS Solutions Announces New Licensee in Michigan

Car ADAS Solutions has welcomed Lakestate Calibrations as a new licensee in Gaylord, Mich.

By Jason Stahl

Other Posts

CIF Offers Assistance After Recent Devastating Storms

The Collision Industry Foundation is here to assist collision repair professionals who have suffered a significant loss.

By Jason Stahl
ALI Announces Lifting Points Guide Now Available in Digital and Print

Easily find OEM-recommended lifting points to properly lift cars, trucks and SUVs.

By Jason Stahl
NTSB Chair Praises NHTSA Action on AEB Final Rule

Jennifer Homendy lauded the new standard requiring all new passenger cars and light trucks to have automatic emergency braking and pedestrian AEB systems.

By Jason Stahl
Lucid Group Debuts New EV with 516-mile Range

Lucid claims the 2024 Air Grand Touring starting at $109,900 is the longest-range EV available today.

By Christian Hinton