This could have been a major security breach.
With more cars using technology connecting to the internet, there have been concerns about the risk of potential cyberattacks. Last year, researchers were able to successfully hack a Tesla Model 3 and remotely control it. In this case, however, it was Tesla's Gigafactory in Nevada that nearly came under attack by a cybercriminal. Teslarati reports that US authorities have arrested and charged a Russian citizen named Egor Igorevich Kriuchkov after he tried to recruit a Tesla employee and bribe them into hacking the company's computer systems.
It all started on July 16 when Kriuchkov used WhatsApp to contact a Russian-speaking, non-US citizen who worked at Tesla's Gigafactory in Nevada and had access to the company's computer systems. They had previously met in 2016. Kriuchkov asked the employee to meet him in Sparks, Nevada.
The unnamed Tesla employee met with Kriuchkov and some work colleagues earlier this month and went on a trip to Lake Tahoe. Suspiciously, Kriuchkov didn't want to be seen in any photos that were taken during the trip. When the group took a photo during a sunset, Kriuchkov reportedly remarked that he would "just remember the beauty of the sunset and did not need a photograph." After the seemingly innocent trip, Kriuchkov asked Tesla employee to meet with him for some "business."
It was here that Kriuchkov revealed his cunning plan to steal Tesla's data from the Nevada factory. This would require the Tesla employee to insert malicious malware software provided by Kriuchkov and his hacking team into the systems. This would then start a distribruted denial of service attack (DDOS) that would allow the hackers to steal sensitive data and upload it to a remote server.
They would then threaten to release the data to the public unless Tesla paid a huge ransom. In exchange, the hacker offered to pay the Tesla employee $500,000 for their assistance by cash or bitcoin. This was later increased to $1 million.
Unbeknown to Kriuchkov, the Tesla employee reported the planned cybersecurity attack to Tesla. The automaker then contacted the FBI and monitored the Tesla employees communication with Kriuchkov to learn more about the hacker's methods. In a revealing conversation, the hacker bragged how his team recently received a ransom from a major company worth over $4 million. Reports revealed this company was the business travel management company CWT Travel, which paid a ransom of $4.5 million.
On August 19, the Tesla employee met again with Kriuchkov while wearing a wire from the FBI. During the meeting, the hacker agreed to pay an advanced sum of $11,000 to the Tesla worker. A few days later, Kriuchkov told the Tesla employee the planned attack was delayed and that they won't receive payments until a later date. They also announced they were leaving the area the next day. After being contacted by the feds, the hacker drove from Reno, Nevada, to Los Angeles, so it looked like he was attempting to escape the country.
Kriuchkov was arrested on August 22, 2020 in Los Angeles and is currently awaiting trial. If found guilty, the hacker could face up to five years in jail. It all sounds like the plot of a conspiracy crime film, but Elon Musk verified in a Tweet that the Russian cybercriminal attempted to hack Tesla's Nevada Gigafactory. "Much appreciated. This was a serious attack," Musk wrote.
Let's hope the employee got a raise after saving Tesla from a potentially major security breach.