FCA's move comes a year after independent cyber-security researchers used a wireless connection to turn off a Jeep Cherokee's engine. The hack, reported in Wired Magazine, alarmed auto makers and regulators, and it led FCA to recall 1.4 million vehicles to prevent the use of a wireless connection to gain control of the vehicle.
Casey Ellis, Bugcrowd's chief executive, said in a media briefing that his company has 32,000 researchers that work through its service. Bugcrowd rates researchers based on the quality of their work, he said.
Auto makers have stepped up efforts to address concerns that vehicles equipped with high-speed Internet connections could be vulnerable to cyber intruders and criminals who could seek to harvest personal data through vehicle systems, or perpetrate other mischief such as disabling a car and demanding a ransom to bring it back to life.
In July 2015, several major auto makers formed an Automotive Information Sharing and Analysis Center, or Auto-ISAC, to serve as a clearing house for information about cyber threats. The group said in a statement this week its members now account for 99 percent of light duty vehicles on the road in North America.
Titus Melnyk, FCA senior manager for security architecture, said FCA could share information generated by the Bugcrowd program with other automakers through the Auto-ISAC. "We'll err on the side of what's right for the industry," he said in a briefing for reporters.
General Motors Co has a program managed by San Francisco cyber-security company Hackerone that offers recognition, but not cash, to researchers who identify and share cyber-security gaps with the company. The company has also begun hiring outside cyber-security experts and has a group of employees that test the company's systems, Jeffrey Massimilla, GM's chief product cyber-security officer, told Reuters.
Massimilla said GM may offer cash bounties to ethical hackers, but said, "If you put up a small bounty you aren't going to get good research."
© Thomson Reuters 2016