A Russian hacker has been charged with offering a $1 million bribe to a Tesla employee to smuggle malware into the company’s Gigafactory in Nevada.
Egor Igorevich Kriuchkov, 27, tried to convince the unnamed employee to plant the malware in Tesla’s computer system so that he and his unknown co-conspirators could launch a distributed denial of service (DDoS) ransomware attack on the business.
Details of the case were revealed in documents released by the Department of Justice following Kriuchkov’s arrest on Tuesday. Though the documents refer to “Victim Company A”, Tesla CEO Elon Musk has confirmed on Twitter that the electric vehicle business was the target.
Much appreciated. This was a serious attack.
— Elon Musk (@elonmusk) August 27, 2020
According to the DOJ, Kriuchkov allegedly traveled to Sparks, Nevada, where the Gigafactory is located. He rented a hotel room where he met the Tesla employee and laid out the terms of the deal, referred to as a “special project”.
The malware would launch a DDoS attack on Tesla’s systems to distract its security team, and then steal vital information for which Kriuchkov and his co-conspirators could demand a substantial ransom.
The gang was obviously expecting a hefty payday, as they agreed to pay the Tesla staffer $1 million in cash and bitcoin.
And They Would Have Got Away With it if it Wasn’t For That Pesky Kid…
The plot was foiled by the Tesla employee turning informant and working with the FBI to expose Kriuchkov, the DOJ document says.
It reveals the conversations between the pair were “consensually recorded”, suggesting that the Tesla employee was probably wearing a wire.
Kriuchkov faces charges of conspiracy to intentionally cause damage to a protected computer. If convicted, he could face up to five years in prison and a heavy fine.
Though the attempted Tesla cyberattack might sound like a mash-up of some of the missions on Grand Theft Auto V, it is an increasingly common threat for tech businesses. Indeed, in light of the attack, the NSA’s Rob Joyce said businesses should be including physical breaches in their threat models.
So who had Russian criminals paying an insider to install malware as part of your threat model? Be honest now…
— Rob Joyce (@RGB_Lights) August 28, 2020
In February, police in the UK revealed to Computer Business Review that there had been a large increase in physical breaches of IT infrastructure, with criminal gangs planting ‘sleepers’ in cleaning companies to allow them to gain access to networks.