home  › Business and economy

FCA will pay up to $1,500 to hackers who can crack its Jeeps’ software

by Mario Cianflone

Cars have gone digital and the private information security is a rapidly-growing safety problem, especially with the advent of widely-available autonomous driving systems.
Last year Fiat Chrysler Automobiles (FCA) were faced with the issue of Jeep Cherokees that could be hacked long-distance. Now Sergio Marchionne’s group has launched a counterattack, offering a maximum $1,500 reward to hackers who can find bugs and weaknesses in the Italian-American brand’s onboard computer systems.

With this initiative, FCA has become the first large-scale automotive company to directly ask the assistance of anyone who can crack the systems used by millions of drivers every day. Their computer program is available to everyone thanks to Bugcrowd, a community of hackers and experts that offer their experience and knowledge to businesses. The prizes range from $150 to $1,500, depending on the seriousness and potential damage that each bug could cause.

FCA isn’t the first automaker to use this hacking community: Tesla has already given out 132 prizes, ranging from $10 to $10,000. The reason that the Auburn Hills-based manufacturer has focused so much on potential information weaknesses has to do with a 2015 attack on a Jeep Cherokee that provoked a recall on all 2013 vehicles (Jeep, Dodge, Ram, and Chrysler) that used the Uconnect infotainment system.

Two cybersecurity experts were able to hack into a Jeep Cherokee’s computer system in 2014, allowing them to drive the car long-distance via a laptop—this forced the company to send its customers information on how to correct the bug. Even though it wasn’t a real hacking attempt—FCA knew about the experiment—this immediately highlighted the need to protect their systems.

Even the FBI is working on remote intrusions, seeing as how last spring the number of intrusions skyrocketed. Could all of these attacks result in hackers causing car crashes? According to experts, it’s not the physical security of passengers that’s being threatened, but rather their personal information: sensitive information like credit card numbers, home banking information, toll fees, and gas purchases.