Tesla was the target of "serious" ransomware attack
A Russian national allegedly attempted to bribe a Tesla employee to install malware on the company’s network
Elon Musk has confirmed that Tesla thwarted a "serious" cyber attack at its Gigafactory in Nevada after a Russian national allegedly attempted to bribe an employee to install ransomware on the company’s network.
The US Justice Department released a complaint earlier this week about an attempted malware attack against an unnamed company in Sparks, Nevada. While the complaint didn't name Tesla specifically, Musk confirmed via Twitter that his company was the target, adding that this was a "serious attack".
As per the complaint, the FBI charged a Russian national, 27-year-old Egor Igorevich Kriuchkov, in an alleged conspiracy that involved bribing a Tesla employee “to introduce malicious software into the company’s computer network, extract data from the network, and extort ransom money from the company.”
The unnamed employee met with Kriuchkov, who allegedly offered to pay him $1 million to introduce malware into the company's network. The employee informed Tesla, which then notified the FBI.
The malware was designed to install ransomware, a kind of malware that encrypts a victim’s files in exchange for a ransom. Prosecutors said the ransomware used an increasingly popular new tactic that not only encrypt a victim’s files but also exfiltrates the data to the attacker's servers.
"After the malware was introduced, Kriuchkov and his co-conspirators would extract data from the network and then threaten to make the information public, unless the company paid their ransom demand," the complaint reads.
The FBI launched a sting operation, with the employee wearing a wire and sharing text communications with Kriuchkov as they were negotiating the terms of the malware attack. The continued interaction reportedly helped the FBI to obtain information about previous attacks from this group.
Kriuchkov was leaving the US from Los Angeles on 22 August when he was arrested by the FBI.
In recent months, a number of big name companies have fallen victim to ransomware attacks. Canon was hit by a suspected Maze ransomware attack that rendered various services offline and compromised 10TB of data, while Garmin was attacked by WastedLocker, a ransomware strain deployed by EvilCorp.
