A Tesla Employee Foiled an Alleged Ransomware Scheme

CEO Elon Musk called a thwarted cyberattack against Tesla “serious” on Thursday after a Russian national reportedly tried to recruit and bribe an employee to install ransomware on the company’s network at its Gigafactory in northern Nevada.

The Justice Department released a complaint earlier this week about an attempted malware attack that doesn’t name the tech giant specifically, but Musk confirmed via Twitter that Tesla is the Nevada company mentioned in the report. “Much appreciated,” he tweeted Thursday, “This was a serious attack.”

Tesla’s massive factory in Sparks, Nevada, produces lithium-ion batteries and electric motors to power its fleet of vehicles. Per the complaint, the FBI charged a Russian national, 27-year-old Egor Igorevich Kriuchkov, in an alleged conspiracy that involved bribing a Tesla employee “to introduce malicious software into the company’s computer network, extract data from the network, and extort ransom money from the company.” This particular brand of malware is known as ransomware, wherein hackers steal a company’s proprietary data and typically threaten to go public with it if their demands aren’t met.

After allegedly conspiring with his associates, Kriuchkov had been in talks with an unnamed Tesla employee he originally met in 2016 and reconnected with via WhatsApp in July. He offered to pay the employee $1 million in cash or bitcoin after the malware was introduced, according to the FBI. The employee relayed this to Tesla, where higher-ups relayed it to the FBI, and Kriuchkov was arrested on August 22, charged with one count of conspiracy to intentionally cause damage to a protected computer.

While ransomware gangs have no doubt been growing bolder in recent years, the idea that they’d physically travel to the U.S. to try and commit cybercrime is a whole new magnitude of insane. To take something that’s online by nature and voluntarily take on the same risks that come with face-to-face criminal dealings shows that ransomware hackers are either growing more confident or more desperate.

“This is what happens when you hand billions to ransomware groups,” said Brett Callow, a threat analyst with network security firm Emsisoft, in an interview with Wired. “If they can’t access a network via their usual methods, they can afford to simply buy their way in. Or try to. Tesla got lucky. The outcome could have been very different.”

In recent months, dozens of the biggest names in the entertainment history have been hit by ransomware attacks, as has the watch-maker Garmin, the foreign exchange company Travelex, and the network powering the Texas court system, to name a few. Attacks have raked in millions from corporate victims, and a ransomware variant called NetWalker purportedly earned $25 million in the last five months.

CEO Elon Musk called a thwarted cyberattack against Tesla “serious” on Thursday after a Russian national reportedly tried to recruit and bribe an employee to install ransomware on the company’s network at its Gigafactory in northern Nevada.

The Justice Department released a complaint earlier this week about an attempted malware attack that doesn’t name the tech giant specifically, but Musk confirmed via Twitter that Tesla is the Nevada company mentioned in the report. “Much appreciated,” he tweeted Thursday, “This was a serious attack.”

Tesla’s massive factory in Sparks, Nevada, produces lithium-ion batteries and electric motors to power its fleet of vehicles. Per the complaint, the FBI charged a Russian national, 27-year-old Egor Igorevich Kriuchkov, in an alleged conspiracy that involved bribing a Tesla employee “to introduce malicious software into the company’s computer network, extract data from the network, and extort ransom money from the company.” This particular brand of malware is known as ransomware, wherein hackers steal a company’s proprietary data and typically threaten to go public with it if their demands aren’t met.

After allegedly conspiring with his associates, Kriuchkov had been in talks with an unnamed Tesla employee he originally met in 2016 and reconnected with via WhatsApp in July. He offered to pay the employee $1 million in cash or bitcoin after the malware was introduced, according to the FBI. The employee relayed this to Tesla, where higher-ups relayed it to the FBI, and Kriuchkov was arrested on August 22, charged with one count of conspiracy to intentionally cause damage to a protected computer.

While ransomware gangs have no doubt been growing bolder in recent years, the idea that they’d physically travel to the U.S. to try and commit cybercrime is a whole new magnitude of insane. To take something that’s online by nature and voluntarily take on the same risks that come with face-to-face criminal dealings shows that ransomware hackers are either growing more confident or more desperate.

“This is what happens when you hand billions to ransomware groups,” said Brett Callow, a threat analyst with network security firm Emsisoft, in an interview with Wired. “If they can’t access a network via their usual methods, they can afford to simply buy their way in. Or try to. Tesla got lucky. The outcome could have been very different.”

In recent months, dozens of the biggest names in the entertainment history have been hit by ransomware attacks, as has the watch-maker Garmin, the foreign exchange company Travelex, and the network powering the Texas court system, to name a few. Attacks have raked in millions from corporate victims, and a ransomware variant called NetWalker purportedly earned $25 million in the last five months.