Published on August 28th, 2020 |
by Johnna Crider
August 28th, 2020 by Johnna Crider
I’m going to start this article with a disclaimer: I am a huge Tesla fan, still have some fractional shares in the company, and believe in its mission. I believe in Elon Musk and love what he stands for. With that said, I’m ecstatic to know that before the news of this cybersecurity attack on Tesla broke, the culprit was caught and no damage to the company was done.
Much appreciated. This was a serious attack.
— Elon Musk (@elonmusk) August 27, 2020
Teslarati broke the story, and here’s a quick recap before I dive into my own short analysis of why people continuously try to attack Tesla. This story seems like it would be a box office hit — and maybe one day a movie will be made about this. A Tesla employee working in the Nevada Gigafactory was initially offered $500,000, then $1 million, to help plan this cyberattack on Tesla. Instead, he worked with the FBI to thwart a planned cybersecurity attack against the tech giant.
Teslarati noted that the Department of Justice announced the arrest of a Russian citizen who conspired to breach the Tesla network and introduce malware to compromise that company’s networks. According to a criminal complaint filed by the FBI Las Vegas Field Office, the attack was not one of your run of the mill attacks — it was most likely part of a well-financed and organized scheme.
Tesla’s employee, whose identity is protected, was a Russian-speaking non-US citizen who was contacted by Egor Igorevich Kriuchkov. Kriuchkov contacted the employee in July through WhatsApp with a request to meet him in Sparks, NV — which shows just how well thought out this nefarious scheme was.
The employee along with a few colleagues met with Kriuchkov in August in different social settings, including a trip to Lake Tahoe. Kriuchkov made a remark about the beauty of the sunset and how he didn’t need a photograph, which was his excuse for not posing for photos with the employee and the rest of the group. Kriuchkov then asked to link up with the Tesla employee for some “business.”
This business turned out to be a plan that would involve the Tesla employee inserting malware provided by Kriuchkov and his partners into Tesla’s systems. Once installed, a distributed denial of service (DDoS) attack would allow hackers to take over Tesla’s information security team. The malware would also allow hackers to steal corporate and network data that could have been held for a ransom.
For his or her part, the Tesla employee was offered $500,000, then $1 million, to help with this. However, the Tesla employee had a very good heart and reported the planned attack to Tesla, which contacted the FBI. With the help of the FBI, Tesla’s employee continued with the plan while getting information on the hackers’ procedures, infrastructure, and other data. In one conversation, the hacker bragged about receiving a ransom of over $4 million from a high-profile company. Later reports revealed that the company was CWT, a travel management company, which paid $4.5 million.
On August 19, the Tesla employee met with Kriuchkov while wearing a wire from the FBI. The hacker agreed to pay an advance of $11,000 to the employee, and two days later, the employee was contacted by the hacker, who said that the project was being delayed and that the payments would be paid later. Kriuchkov also told the Tesla employee that he was leaving the area the next day. Kriuchkov drove overnight from Reno to Los Angeles in an attempt to flee the U.S., but the FBI was able to catch up to the hacker and arrested him on August 22 in Los Angeles. You can read the FBI’s complaint against Kriuchkov here.
Upon reading the FBI report, you can note that the hackers were open to paying the employee with a variety of forms of payment, including cryptocurrency, a guarantor security deposit, or cash. It’s also noted that the malware was specifically written to target Tesla’s computer network — done at a price tag of $25,000. Another takeaway from the FBI report is that Kriuchkov claimed to work for a “group” that “works on special projects.” This group pays employees of target companies to introduce malware into the target companies’ computer systems.
Reflections On Yet Another Attack On Tesla
In his comic book series, The Adventures of Starman, Eli Burton noted that this whole saga is the plot of the episode in “Big Oil Strikes Back.” In this storyline, Big Oil launched a cyberattack against one of the Tesla Gigafactories.
— Eli (@EliBurton_) August 27, 2020
Whether or not it was Big Oil, TSLAQ, contractors for Vladimir Putin (Russia is hugely dependent on oil, and thus very threatened by Tesla and the EV revolution), or some nefarious politically corrupt organization is yet to be determined. However, the “well-financed” note from above makes one think of the people who continuously spend billions shorting Tesla’s stock and either fully believe or pretend to fully believe that Tesla is the ultimate fraud.
It’s really messed up that a company that has had so much success fighting climate change is being continuously targeted and attacked. On the other hand, it’s not surprising at all.
Have a tip for CleanTechnica? Send us an email: [email protected]
Latest Cleantech Talk Episode