Tesla CEO Elon Musk has confirmed that his company was the subject of a thwarted cyberattack aimed at stealing internal information and then demanding a ransom in exchange for not making it public. According to a report out of Teslarati, an employee at Tesla's Gigafactory in Nevada was approached by a Russian national who offered $1 million to infect the company's network with malware. The employee reported the incident to Tesla officials instead.
Musk said on Twitter that it was a "serious attack." A recent criminal complaint filed in Nevada lines up with the report and suggests that the individual behind the plot was Egor Igorevich Kriuchkov, who was accused by the Department of Justice of attempting to recruit a worker to introduce malware at an unnamed company. We now know which company it was and that the plan — which sounds like something straight out of an Ian Fleming novel — failed thanks to assistance from the FBI.
Wine and dine — The complaint says that Kriuchkov approached the employee over WhatsApp after getting his number from a mutual acquaintance. They later met on a shared vacation where Kriuchkov insisted on paying for the group's activities, behavior common from criminals trying to wine and dine their targets. In a meeting with the employee after their vacation, Kriuchkov offered up to $1 million for the individual to install malware on internal computers — again, presumably those of Tesla, but the complaint doesn't name the company. The aim was to launch a cyberattack that would distract the company's security team long enough to steal sensitive data.
Luck or loyalty — Tesla is lucky an employee reported the incident before anything happened — ransomware attacks often begin without any prior notification after an employee clicks on a malicious link or email attachment. Rogue insiders are also an increasing threat, especially as more people work from home and have taken sensitive data with them.
A school district in Texas earlier this month paid $50,000 to restore data after an attack on its servers. A U.S. travel management firm called CWT, meanwhile, paid $4.5 million in July to hackers who stole corporate data. Meanwhile, last month's massive Twitter hack of high-profile accounts was orchestrated thanks to a compromised employee with access to administrative tools.
It's not a good idea to pay ransoms considering it encourages more of the behavior, but hackers often demand amounts small enough that they know the organizations will be willing to hand it over so they can avoid any further damage. Uber unsuccessfully tried to cover up a hack of its own servers by paying $100,000 to a teenager in Florida, but executives later decided to disclose the incident. Its then chief security officer Joe Sullivan was recently indicted for the cover-up attempt.
Kriuchkov was arrested on August 22 as he was attempting to leave the U.S. We expect to see the Hollywood movie reenactment of the incident when it's possible to make movies again.