From Russia, With Malware? Tesla Thwarts Cyber Attack
A criminal complaint filed this week details a very Cold War-like plot to cripple Tesla from the inside. Federal prosecutors and the automaker claim a Russian “tourist” attempted to coerce an employee of Tesla’s Nevada Gigafactory to infect the company’s system with malware, and in doing so receive a payment of $1 million.
The employee reportedly turned down the offer and squealed on the so-called tourist, leading to an FBI sting operation — as well as this week’s criminal complaint.
As reported by Ars Technica, the criminal complaint filed Tuesday claims Egor Igorevich Kriuchkov traveled from Russia and met up with an unnamed employee of the Gigafactory, initially offering $500,000 for the malware job.
“The purpose of the conspiracy was to recruit an employee of a company to surreptitiously transmit malware provided by the coconspirators into the company’s computer system, exfiltrate data from the company’s network, and threaten to disclose the data online unless the company paid the coconspirators’ ransom demand,” the complaint reads.
Prosecutors claim Kriuchkov plied the employee with booze and chose to discus the most sensitive matters pertaining to the plot while inside a rented car. While the complaint only lists the chosen target as “Company A,” Tesla CEO Elon Musk confirmed via Twitter on Thursday that his company was that target, calling it “a serious attack.”
According to an audio recording made by the employee, the defendant claimed to be working for a “group” that supplied the money.
Industrial espionage is nothing new, but the connected, perhaps overly technical world we live in makes cyber attacks all the more damaging. There’s also an open question of exactly what kind of damage a malware attack on Tesla’s digital infrastructure could yield. Could it have placed Tesla drivers — especially those who make use of the automaker’s Autopilot driver-assist system — in harm’s way? Tesla and Musk aren’t saying.