A few days ago, US authorities arrested a Russian national who had traveled to the US to recruit an employee of a Nevada company and persuade him to install malware on his employer's network. Had the employee accepted the Russian hacker's offer, he would have received a reward of 1 million dollars. Although the name of the company targeted by the hackers has not been revealed at this time, growing speculation is that the attack targeted the big American car manufacturer Tesla, which operates the Gigafactory in Sparks, a city near Reno, Nevada.
Although Tesla has not made any official announcement about this case, its CEO, Elon Musk, confirmed in a tweet posted yesterday that the hackers were in fact targeting his company. Responding to one of the many reports that Tesla appeared to have been the target of this malicious activity, Elon Musk wrote that it was a very serious attack.
This attack is a rare case in which hackers try to use so-called "malicious insiders", a term used in the field of cyber security to describe "rogue" employees.
According to court documents, 27-year-old Russian hacker Egor Igorevich Kriuchkov approached one of Tesla's employees through the WhatsApp application. It is worth mentioning that the two men had met in the past, specifically in 2016. Kriuchkov claimed that he was on vacation in the USA and arranged to meet the company employee, traveling to Reno for that purpose.
In a series of meetings between the two, Kriuchkov revealed to the Tesla employee that he was working with a hacking team based in Russia, and suggested that the employee install malware inside Tesla's network.
In addition, the Russian hacker revealed to the automaker's employee that the malware, which the hacking team had spent $250,000 to build, would extract data from the Tesla network and transfer it to a remote server. The hackers' plan was to steal sensitive and confidential Tesla files and then threaten the company that its data would be leaked if it refused to pay the ransom they demanded.
The employee, described by the FBI as a Russian-speaking immigrant, briefed Tesla and the FBI on the proposal made to him after his first meeting with Kriuchkov. His subsequent meetings with the Russian hacker were therefore recorded and presented as evidence in court, including how the Russia-based gang delayed the Tesla hack until later this fall because it had broken into another company and had to focus on that target.
FBI agents arrested Kriuchkov as he tried to leave the United States via Los Angeles over the weekend and charged him Monday. If convicted, the Russian hacker could face up to five years in prison for his role in the planned attack on Tesla.
According to Brett Callow, a threat analyst at the cybersecurity company Emsisoft, despite the happy ending of the case, the attempted ransomware attack by bribing an "insider" at such an important target shows how determined ransomware gangs are to achieve their goal: if they cannot gain access to a network themselves through their usual methods, they can bribe others to do the work for them. Callow added that Tesla was lucky that its employee acted in its favor. Otherwise, the outcome could have been very different and perhaps detrimental to the car industry.