Some real-life events that transpire in our world seem to be straight out of the script of a Hollywood thriller. In a dramatic piece of news that came to light through a complaint registered by the FBI, the Las Vegas Field Office of the Bureau stated that a Russian national by the name of Egor Igorevich Kriuchkov was arrested in California for conspiring to breach the network of an American company and introduce malware into it. It was later announced that this company was none other than electric vehicle heavyweight Tesla. According to sources, the arrest of Kriuchkov was made on the basis of information provided by a Russian man (unnamed for security reasons), whom Kriuchkov had contacted for assistance. According to the complaint filed by the FBI, this plan was not an ordinary hacking attempt but could be part of a well-devised scheme.
Tesla Employee Foregoes $1M Payment, Works With FBI To Prevent Cyberattack
The Tesla employee, who is Russian by nationality, works at the Gigafactory in Nevada. On 16th July, he was approached by Kriuchkov through WhatsApp, asking him to meet in Sparks, Nevada. Between 1st and 3rd August, Kriuchkov and the employee, along with some other colleagues, socialized during a trip to Lake Tahoe. Following this, Kriuchkov revealed his business plan, which involved the Russian employee installing malware into Tesla’s network. After this malware was installed, a distributed denial-of-service attack would occur, targeted at Tesla’s information security team. This would give Kriuchkov and his associates access to millions of dollars of data. They then planned to hold the data for ransom until Tesla agreed to pay up. For his role in this cyber-attack, the Gigafactory employee was offered $500,000 at first, before the price was increased to $1 million, to be paid in cash or bitcoin.
The employee, however, thwarted this Russian attack by reporting the matter to Tesla’s security team, who in turn reported it to the FBI. The Bureau stepped in and, using the employee’s contact with Kriuchkov, kept the communication going, trying to get as much information as they could about the hackers’ procedure, process, and infrastructure. In one of the meetings, the hacker revealed that they had carried out a similar attack on another high-profile company and managed to get $4.5 million in return. This company was later reported to be CWT Travel. During a meeting with the hacker on 19th August, the Tesla employee, wearing a wire, was offered $11,000 as an advance for his role. A couple of days later, the hacker called, saying that the plan had to be delayed for some reason, and further payments were put off too. He apparently planned to flee the country but ended up getting arrested in Los Angeles.
The methodology of Kriuchkov and his associates has led the FBI to believe that this was supposed to be a properly planned and well-coordinated attack. The hackers had already carried out an attack of this kind against CWT Travel, and Kriuchkov had avoided being in any of the photographs during the Lake Tahoe trip. They used burner phones and Tor (The Onion Router), which is a very secure web browser that has been untraceable so far. It uses multiple layers of encryption, built for the purpose of hiding the content of session traffic and its ultimate start and end points.
Much appreciated. This was a serious attack.
— Elon Musk (@elonmusk) August 27, 2020
The FBI’s counterintelligence effort was successful, as they managed to obtain the names and functions of several individuals linked to this group. Tesla CEO Elon Musk also acknowledged the effort through a tweet that said, “Much appreciated, this was a serious attack.” Managers of insider threat programs lauded this effort, focusing on the mechanics of the employee’s response to an external approach of this kind. The Tesla employee did exactly what companies expect their employees to do in such a situation: report it to the necessary authorities. And in this case, the thing to be noted was that the employee put his morals ahead of a bounty of $1 million.