A recent arrest by the FBI has shed light on a ransomware attack planned on the Tesla organisation. The attack was planned by a 27 year old Russian hacker named Egor Igorevich Kriuchkov, who met up with a former associate currently working for Tesla at bar in Reno, Nevada. During the meeting Kriuchkov made several propositions for the Tesla employee to join his "group" who were "specializing in special projects". When these offers were turned down Kriuchkov offered $1 million to install malware that would allow the hackers group to execute a ransomware attack on the company.
The FBI claim that the first contact between the two individuals occurred in early 2016 however the attack on Tesla wasn't planned until July 2020 when Kriuchkov reached out to the worker through WhatsApp. This is where the hacker was able to drive his potential recruit to the Emerald Pools in Nevada. Shortly after the hacker began offering $500,000 for the employee to install malware onto Teslas' systems either through a USB drive or by clicking on a malicious Email link. Another $500,000 was promised once the job was completed along with the guarantee that the malware would be encrypted and therefore couldn't be traced back to the employee who installed it. Kriuchkovs' plan was to launch a distributed denial-of-service attack to confuse and distract Tesla during the installation of the malware. The Tesla employee was told he could use this time to frame a co-worker of his choice to "teach them a lesson". To encourage the Tesla worker Kriuchkov alleged that he had used the same play to gain access to a different companies systems and the rouge employee had gone undiscovered for three years. If the worker agreed, the cybercriminal group planned on exfiltrating data from the car manufactures before threatening to publish the data online if demands weren't met. Kriuchkov also disclosed that during a previous attack the group had demanded $6 million but settled with the company for $4.5 million.
A few weeks before the attack would have started, Kriuchkov told the employee to postpone the attack on Tesla as a similar attack had been unsuccessful after the insider failed to install the malware. Unknown to him the Tesla employee had already alerted the company about the malicious plot to execute the ransomware attack. Tesla immediately contacted the FBI who began tailing Kriuchkov to see what his next move would be. As it turns out his next move was to run and on the 22nd of August, federal agents were able to intercept Kriuchkov in Los Angeles as he attempted to flee the country according to the Department of Justice. Authorities believe the attack would have been targeted at Teslas' Gigafactory in Nevada where the two met.
On Thursday Tesla founder Elon Musk acknowledged the ransomware plot and thanked the employee in a tweet. However this shows the mindset of cybercriminals and how lucrative their business is if they can afford to pay $1 million for simply installing malware on a system. Organizations need to ensure that the security measures they enact to protect data are still viable even when internal resources are compromised, or data is exposed.
For information on improving your companies security measures get in touch with our expert team today on 01642 248 750 on get in touch via Social@adnsgroup.com.