Founder and CEO Elon Musk recently confirmed that Tesla Inc. was the target of a recently thwarted cyber attack. The American EV and clean energy company's Giga Nevada factory was the mark of a Russian man who had been conspiring to hack its network and hold data for ransom. Musk went on to affirm that this was a very serious attack.
Recently celebrating its 17th birthday, Tesla Inc. has flourished as an independent automaker providing electrical vehicles to the average consumer. Although headquartered in Palo Alto, CA, Tesla now operates facilities worldwide. In the United States alone, it has several factories including Giga Nevada located outside of Reno. This factory in particular produces energy storage products such as Powerwalls, Powerpacks, and battery cells, as well as drivetrains for the Model 3. Just last month, Tesla eclipsed Toyota as the most valuable automaker in the world with a market capitalization of over $200 billion.
According to Teslarati, a Russian man accosted an employee of the gigafactory through the popular chat platform WhatsApp, and offered $1 million to install malware into Tesla Inc.'s internal network. The malware is said to trigger a distributed denial-of-service (DDoS) attack. While Tesla's cybersecurity would be focused on the DDoS attack, the malware would then access and steal internal documents and private information that the hacker(s) could then hold for ransom. It's important to note that the employee that had been approached was a Russian-speaking, non-US citizen working at Tesla, so clearly the hacker (and perhaps any accomplices) had done some research beforehand. That's some real life spy game stuff right there; and the Russian hacker may have gotten away with it too if it weren't for those meddling, loyal Tesla employees. Very quickly, the FBI became involved and a sting was on the assembly line.
Preventing A Blackmail Hack, A Great Way To Get A Raise
A Tesla employee was offered $1 million to endanger his employer's secrets, but chose to report it instead. Tesla officials then reported the proposition attempt to the FBI, who recruited the employee as its inside man for the bust. The Tesla employee went along with the Russian's requests and wore a wire for their meetings in person until the hacker suddenly revealed that the plan was delayed and all payments would be on hold. He then fled Reno and was apprehended last week by the FBI in Los Angeles, suspected of attempting to flee the country. A criminal complaint filed by the District Court of Nevada the following day of the arrest confirms that Egor Igorevich Kriuchkov has been accused of trying to recruit an employee to install malware at and 'unidentified company.' Musk later confirmed this was in fact Tesla. Furthermore, a criminal complaint filed by the FBI Office in Las Vegas infers that the attempted hack might actually be part of a larger, well-financed, scheme.
A serious attack indeed. Musk must be grateful to his non-U.S. employee working in the middle of the desert at Tesla. What is most interesting about this entire whirlwind of a story is Kriuchkov's actions throughout it. He knew whom to approach (or in hindsight got it wrong), then knew something was amiss and tried to abort the arrangement and flee the country. Could he have perhaps been tipped off by an ally? After seeing the FBI file a complaint outlining a bigger picture here, even more questions present themselves. Who was he fleeing back to? Was the plan to circle back and regroup for another attack, or are other attacks already in the works at other Tesla facilities? Presumably, these are a lot of the same questions both the FBI and Elon Musk are focusing on with their own respective cybersecurity teams. Tesla was lucky this time, and Musk seems quite aware of that fact, so it will be interesting to see if this wild story unfolds any further and just how large this scheme actually is.
Source: Teslarati