View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 28, 2020

A Russian Hacker Offered Tesla Employee $1 Million to Plant Malware at Company’s Gigafactory

Musk: Staffer's actions "much appreciated"

By Matthew Gooding

A Russian hacker has been charged with offering a $1 million bribe to a Tesla employee to smuggle malware into the company’s Gigafactory in Nevada.

Egor Igorevich Kriuchkov, 27, tried to convince the unnamed employee to plant the malware in Tesla’s computer system so that he and his unknown co-conspirators could launch a distributed denial of service (DDOS) ransomware attack on the business.

Details of the case were revealed in documents released by the Department of Justice following Kruichkov’s arrest on Tuesday. Though the documents refer to “Victim Company A”, Tesla CEO Elon Musk has confirmed on Twitter that the electric vehicle business was the target.

According to the DOJ, Kruichkov allegedly traveled to Sparks, Nevada, where the Gigafactory is located. He rented a hotel room where he met the Tesla employee and laid out the terms of the deal, referred to as a “special project”.

Content from our partners
Why email is still the number one threat vector
Why HR must take firm steps to become a more data-driven function
Why enterprises of all sizes must  embrace smart manufacturing solutions

The malware would launch a DDoS attack on Tesla’s systems to distract its security team, and then steal vital information for which Kruichkov and and his co-conspirators could demand a substantial ransom.

The gang was obviously expecting a hefty payday, as they agreed to pay the Tesla staffer $1 million in cash and bitcoin.

And They Would Have Got Away With it if it Wasn’t For That Pesky Kid…

The plot was foiled by the Tesla employee turning informant, and working with the FBI to expose Kruichkov, the DOJ document says.

It reveals the conversations between the pair were “consensually recorded”, alluding to the fact that the Tesla man was probably wearing a wire.

Kruichkov faces charges of conspiracy to intentionally cause damage to a protected computer. If convicted he could face up to five years in prison and a heavy fine.

Though the attempted Tesla Cyber attack might sound like a mash-up of some of the missions on Grand Theft Auto V, it is an increasingly common threat for tech businesses. Indeed, in light of the attack, the NSA’s Rob Joyce said businesses should be including physical breaches in their threat models.

In February police in the UK revealed to Computer Business Review that there had been a large increase in physical breaches of IT infrastructure, with criminal gangs planting ‘sleepers’ in cleaning companies to allow them to gain access to networks.

See also: NCSC Board Toolkit: Five Securityu Questions for your Board’s Agenda

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU