How Did Tesla Ransomware Attack Happen?Orhan Sari
A serious ransomware attack targeted Tesla. Tesla CEO Elon Musk explained in a Tweet that a 27-year-old Russian citizen was trying to persuade an insider and offered him a million-dollar payment in exchange for installing a ransomware into the system and helping to trigger it.
The defendant Egor Igorevich Kriuchkov tried to seduce a Russian speaking employee working at the Tesla plant, according to details disclosed in the US District Court in Nevada.
Reaching the unnamed worker via WhatsApp in July, Kriuchkov flew to the US using a Russian passport with a tourist visa and allegedly tried to persuade the worker to betray Tesla.
It is alleged that Kriuchkov first took the worker he met in 2016 on a trip to Lake Tahoe and offered this person $ 1 million to install malware on computer systems in Tesla.
However, the factory worker immediately explained the situation to Tesla, and Tesla officials contacted the FBI. Later, according to Kriuchkov’s subsequent meetings, which were monitored and recorded by federal agents, a program to steal valuable data would first be installed on the factory’s computers, and then the ransomware would be triggered.
Kriuchkov said that they will be camouflaged by a distributed denial of service (DDOs) attack. These types of attacks create unnecessary traffic to the servers, rendering local servers inoperable. If Tesla did not pay, the data would be uploaded to the Internet….
Kriuchkov told the Tesla employee that his organization was running similar “special projects” at other companies, and that a victim had paid a so-called $ 4 million ransom. Kriuchkov mentioned that his institution uses advanced encryption to mask Tesla employee involvement, and that a hacker in his group is a senior employee of a state bank in Russia.
The Nevada office of the US Attorney’s Office did not comment on whether Kriuchkov or any of his partners had ties to the Russian government. Nothing in the criminal report showed that their reasoning was anything other than obtaining money.
Tesla was a financially attractive target. The company leads the US in electric vehicle sales, and with this attack, hackers could gain valuable information from battery chemistry to manufacturing techniques and costs. Tesla claimed that the factory reduced battery cell costs through innovative manufacturing.
Kriuchkov was arrested on August 22, after he left Reno to Los Angeles. He appeared in federal court there on Monday and was charged with conspiring to deliberately damage a protected computer. He began his trial with a five-year prison term and a $ 250,000 fine.
Protect your organization against ransomware attacks with Keepnet!
By constantly training the employees of the institutions with Cyber Security Awareness Training, you will reduce the risks of attacks such as malicious software and information disclosure against ransom attacks and e-mail, and you will protect your organization by training employees. By teaching your employees how to understand suspicious e-mails and fake web pages, you increase the cyber security awareness of your employees against phishing attacks.
Thanks to the our Cyber security awareness training module, you can provide your employees with HTML5 Training Presentations in Turkish and English languages, Animation Training Videos in Turkish and English, Posters, Screensavers, Cyber Security Newsletters, Tips, Ninjio Animation Training Videos, rich training materials for your employees’ cyber security. You can do studies to increase their awareness and get automatic reports.
Keepnet Labs has also phishing test software, Phishing Simulation Module which offers more than 750+ English, German, French, etc. in 8 languages in total, each with a different phishing campaign. By customizing phishing campaigns specific to your organization and then sending these real-world phishing campaigns to your employees, you can measure their awareness of a phishing e-mail, and again, thanks to this module, you can make your users aware of what phishing e-mails look like and what they should check on fake websites. You can review the results of the automatic phishing campaign in the report and watch live statistics such as how many people opened the phishing e-ail, clicked the link, and the people who lost their information.