Posted on August 28, 2020 at 3:33 PM
Although the court indictment did not mention the targeted firm, many news outlets said Tesla was the subject of a recent hacking plot.
Elon Musk has also confirmed that a Russian hacker targeted one of Tesla’s factories and offered an employee a $1 million bribe to install a virus. Fortunately, the employee rejected the bribe.
US authorities nabbed the Russian national earlier this week when he traveled into the country as a tourist. However, the Russian’s plan, as discovered, was to attack Tesla with malware.
Although Tesla has not yet released a statement regarding the attack, Musk replied to a tweet about the incident and revealed the employee in question did not accept the bribe. “Much appreciated. This was a serious attack,” Musk wrote.
Based on court documents, a Russian national called Egor Igorevich sent a message to the Tesla worker through WhatsApp. They had previously met in 2016.
Egor, 27, stated that he was holidaying in the US and wanted to meet with the Tesla worker, who is a Russian immigrant. A meeting was arranged, and when they met, Egor revealed to the employee that he was working with a Russian-based hacking syndicate.
The Russian told the Tesla employee he would receive a massive reward if he allowed them to install custom-built malware on Tesla’s internal network.
The malware was designed to steal very important data and files, and it reportedly cost around $250,000 to develop.
The Russian also said that once the data was stolen, they would ask for a larger amount of money, as the intent was not to release the stolen files.
Recordings made during subsequent meetings
After the first meeting with the Russian, the employee told Tesla and the FBI about the plot by the Russian hacking group.
Subsequently, a series of meetings was arranged between the hacker and the employee, but this time the conversations were recorded. They also included price negotiations, in which the employee negotiated the price from $500,000 to $1 million.
The hacker also told the employee that the Tesla hack would not be carried out immediately, but later in the year. Apparently, the criminal group was occupied with hacking another company, and they would only be ready to hack Tesla when their current job was done.
The hacker was later arrested when he wanted to leave the US. Authorities are charging him with intent to commit fraud. He is likely to face up to five years in prison if he’s found guilty.
The employee reported early
The attack is not the usual kind, where the hackers try to do everything within their own group. This time, they had to involve an insider working for the targeted company. They decided to use a “malicious insider”, the term the cybersecurity community normally uses to describe employees who have gone rogue.
Some of the biggest threats to a company’s network come from rogue employees, and these can be very difficult to avoid. Employees are more conversant with the network and server functionality than outsiders, and they have access that an outsider would not normally get. As a result, it is very difficult to stop or prevent a threat coming from an insider.
Employees with knowledge and access to the system or server can be very dangerous and create far more issues for the company than outsiders.
However, this attack did not require much from the employee, as he only needed to place a file on the network, which he could do as long as he had the user rights. Whether it comes via cleverly directed social engineering or through a disgruntled employee, the repercussions of such an attack could be devastating if it succeeds.
In the case of the Tesla employee, however, he quickly reported the situation. This helped to nullify the attack and arrest the hackers. The failed attack also highlights the necessity of limiting user privileges, especially on highly sensitive services or networks.