By Joseph White
(Reuters) – Fiat Chrysler Automobiles NV FCA’s move comes a year after independent cybersecurity researchers used a wireless connection to turn off a Jeep Cherokee’s engine. The hack, reported in Wired Magazine, alarmed auto makers and regulators, and it led FCA to recall 1.4 million vehicles to prevent the use of a wireless connection to gain control of the vehicle. FCA officials said Bugcrowd Inc of San Francisco, which manages similar programs for a range of companies including Tesla Motors Inc Casey Ellis, Bugcrowd’s chief executive, said in a media briefing that his company has 32,000 researchers that work through its service. Bugcrowd rates researchers based on the quality of their work, he said. Auto makers have stepped up efforts to address concerns that vehicles equipped with high-speed internet connections could be vulnerable to cyber intruders and criminals who could seek to harvest personal data through vehicle systems, or perpetrate other mischief such as disabling a car and demanding a ransom to bring it back to life. In July 2015, several major auto makers formed an Automotive Information Sharing and Analysis Center, or Auto-ISAC, to serve as a clearing house for information about cyber threats. The group said in a statement this week its members now account for 99 per cent of light duty vehicles on the road in North America. Titus Melnyk, FCA senior manager for security architecture, said FCA could share information generated by the Bugcrowd program with other automakers through the Auto-ISAC. “We’ll err on the side of what’s right for the industry,” he said in a briefing for reporters. General Motors Co Massimilla said GM may offer cash bounties to ethical hackers, but said, “If you put up a small bounty you aren’t going to get good research.”
(Reporting By Joe White; Editing by Cynthia Osterman)