$1 Million Offered to TESLA Employee to Install Ransomware on Company Server

By:  |  Category: Blog Wednesday, September 2nd, 2020  |  No Comments

For those of you unaware of the cyber-attack that goes by the term “social engineering,” it is one of the most dangerous and prominent exploits of human curiosity and trust.

Designed to attract the user’s full attention, social engineering contains key pieces of personal information previously acquired by the attacker and utilized in a multitude of areas to gain trust for further manipulation. As easy as a targeted phishing email, impersonated phone call, or stolen ID badge for company access, this form of cyber espionage is often difficult to identify.

Sometimes the threat is direct, in this case a Tesla employee was discretely recruited by a Russian national “to install malware on their employer’s network in exchange for $1 million,” now that’s extreme social engineering, bribery.

Elon Musk confirmed in a tweet that the attack was in fact aimed at his Nevada based company, thanking all who were reporting on the event stating, “Much appreciated. This was a serious attack.”

So, what actually happened?

The encounter began in 2016 when Russia’s Egor Igorevich Kriuchkov met one of Tesla’s employees (described as a Russian-speaking immigrant), and later contacted that employee through the popular social platform WhatsApp. ZDnet explains “the entire attack was a rare case where hackers decide to use so-called “malicious insiders,” a term the cyber-security industry uses to describe rogue employees.”

This employee however was not rogue and after his first meeting with Kriuchkov, notified Tesla and the FBI. Any meetings afterward were recorded and Kriuchkov revealed he was working with a Russian-based hacker group willing to pay up to $1 million to have custom-built malware installed on Tesla’s internal network.

The malware, costing $250,000 to build, “would exfiltrate data from Tesla’s network, and upload it to a remote server. The plan was to steal sensitive Tesla files and then threaten to release the data unless Tesla paid a huge ransom demand.” The hacker gang had just breached another large company, so the attack on Tesla was decidedly planned for this fall when additional resources would be available. 

Egor Kriuchkov was arrested this past weekend as he tried to leave the LAX airport after ‘’vacationing” in the US. He could face up to five years in prison for his role in the crime, if found guilty.

Another encounter that amplifies the need for trust and security within every organization.

Worried social engineering may cost your business a ransomware attack? Call EnhancedTECH today for a free cybersecurity assessment and employee awareness training (714) 970-9330.

-Emmy Seigler

Source: https://www.zdnet.com/article/elon-musk-confirms-russian-hacking-plot-targeted-tesla-factory/?ftag=TRE-03-10aaa6b&bhid=28837826891618282212917048574090&mid=13012521&cid=2176732464

Image Source:

Leave a Comment
Read previous post:
Online School Starts While Zoom Crashes in the US

Did your child attempt to start online distance learning yesterday morning and have trouble connecting to their classrooms through Zoom?...