How A Russian Cyber Attack Plot Against Tesla Was Foiled By A Vigilant Employee And The FBI

When one thinks of hacking and digital espionage, Wargames, Snowden, or even the Matrix may come up. Sometimes, the absurd plots from those sorts of movies may come to life. In this case, a Tesla employee turned down a Russian man who offered him $1 million in a scheme to upload malware to Tesla’s network. The employee then went to the FBI to foil the scheme and bring the Russian perpetrator to justice.

Let us start with the many facts at hand. Around July 16th, the perpetrator, Egor Igorevich Kriuchkov, contacted an employee at Tesla’s Gigafactory via WhatsApp, where they agreed to visit in person. Mr. Kriuchkov then entered the United States with his Russian passport and tourist visa roughly 12 days later. In the days following his entrance to the United States, Kriuchkov purchased a cell phone and rented a vehicle to go to Reno, Nevada, near where the Tesla Gigafactory is located. Then, Mr. Kriuchkov visited with the Tesla employee and his associates several times for dinner and drinks, either in private or public locations. A note of interest here is that Kriuchkov, throughout his visit, wished to remain out of photos and paid for the excursions they went on. This showed he had money and possibly some sort of motive.

On one of the final private visits around August 3rd, Kriuchkov asked the Tesla employee to engage in a “special project” with him and his “hacking gang” of sorts. According to the FBI document, Kriuchkov explained the following details:
1. The coconspirators would provide the employee with malware to surreptitiously transmit into Victim Company A’s computer system.
2. The coconspirators would engage in a Distributed Denial of Service Attack to divert attention from the malware.
3. The malware would allow the conspirators to extract data from Victim Company A’s network.
4. Once the data was extracted, the conspirators would extort Victim Company A for a substantial payment.
5. Both KRIUCHKOV and the employee would be compensated.
Over the next several days, the employee was left to ponder the decision. From August 7th to August 17th, the employee was repeatedly encouraged with the promise of monetary compensation. On or around the 17th, Kriuchkov called his unknown superior with the Tesla employee to discuss how the “mission” could be accomplished and how long it would take. Over time, more details began to develop, and the mission was beginning to take shape.

Kriuchkov then provided a burner phone to the Tesla employee who was instructed to leave it in “airplane mode” until a signal was received over WhatsApp. With this, the employee was also instructed on using the Tor Browser, creating a Bitcoin wallet, creating code names, and destroying messages after using the variety of communication apps. Before the plan unraveled, Kriuchkov stated that he would limit contact, and if there were further questions, the employee should ask his unknown associates.

Even though Kriuchkov and the employee continued to communicate, it turns out that the employee reported the earlier approach to the security department of Tesla. This information was then used to recruit the employee as a confidential human source for the FBI. This new resource allowed the FBI to spy on Kriuchkov in meetings. With the data collected, FBI Agent Michael J. Hughes was able to ascertain the project plan and subsequently arrest Kriuchkov for a “violation of 18 U.S.C. § 371 – Conspiracy to Intentionally Cause Damage to a Protected Computer (conspiracy to violate 18 U.S.C. §§ 1030(a)(5)(A); 1030(c)(4)(B)(i) and (c)(4)(A)(i)(I)).”

I am not a lawyer; however, those charges state that Kriuchkov conspired to violate the Computer Fraud and Abuse Act. Also, throughout the FBI document, Tesla is never mentioned. We can confirm that Tesla is the company affected, though, because of a Tweet from Elon Musk replying to Teslarati when this story first broke.

No matter what, this story of recruitment, secret messaging, hacking, and unknown bosses is a wild ride from start to finish. It is fascinating to see the sort of things that can happen inside the United States borders when large amounts of money and malicious software are involved. If you want to read the full FBI write-up, you can do so here.

(GigaFactory images courtesy of Duncan Sinfield on YouTube)