Tesla Avoids a Cyberattack Bump; Acknowledges the Earnest Employee

Remember the famous dialog from the 1987 movie “Wall Street” where Lou gives a life lesson to the junior stockbroker Bud? Well, for the millennials who rather prefer “The Wolf of Wall Street” from 2013 over the 80’s classic, here is a walkthrough. It said, “The main thing about money, Bud… it makes you do things you don’t wanna do.” However, this has been proven wrong by a Tesla employee, who not only denied a $1 million reward for betrayal but also helped the FBI in arresting the conspirator and averted a huge cyberattack on the tech giant Tesla.

Key Highlights

• A Russian-speaking, non-U.S. citizen working at Tesla’s Gigafactory Nevada was contacted by Egor Igorevich Kriuchkov (conspirator) on July 16, 2020.
• He told the employee about a “Special Project” that would require him to install malware on the company’s system.
• Kriuchkov offered a payout of $1 million for carrying out this activity.
• The employee, however, reported this to its employer who in turn reported it to the FBI.
• The FBI finally arrested Kriuchkov on August 22, 2020, in Los Angeles on the count of “Conspiracy to Intentionally Cause Damage to a Protected Computer” under Title 18, United States Code, Section 371.

The Story, as it Happened

On July 16, 2020, a Russian-speaking, non-U.S. citizen working at Tesla’s Gigafactory Nevada was contacted by another Russian speaking person named, Egor Igorevich Kriuchkov, over WhatsApp under the pretext of meeting him in person in the District of Nevada. The meeting was set for August 1, 2020, at a hotel in Reno, Nevada.

Initially, Kriuchkov befriended Tesla’s employee and spent time with his associates at the employee’s home and other public places. Only after gaining enough trust, on August 3, 2020, Kriuchkov told the employee about a “Special Project” that he and some others were working on, which would require a Tesla insider to install malware on the company’s computer system. This malware would be provided by his co-conspirators and would require him to do a manual installation once. With the help of this malware, the conspirators planned to carry out DDoS attacks on the company’s computer network and search for private and confidential information, probably with the intent of withholding it for a ransom. To woo the employee into carrying out this cybercriminal activity, Kriuchkov offered a $1 million payout to the Tesla employee.

The Earnest Hero

The offer was tempting, but the earnest employee instead turned in the cyber conspirators. He reported these inappropriate advances to the authorities at Tesla, who in turn informed the FBI. The FBI asked the employee to continue communications with the conspirator to expose the entire nexus. Over the next couple of weeks, the FBI wired the Tesla employee and monitored Kriuchkov’s movements. On August 21, 2020, Kriuchkov informed the employee that the plan was getting postponed by a few days and that he shall soon get his money through Bitcoins. He also informed that he was going away for a few days and handed a mobile phone, which he asked to keep on airplane mode until further intimation.

The FBI went on a high alert since this communication and followed Kriuchkov from Reno to Los Angeles (LA), where he drove down on the same night. He was in readiness to flee the country from LA and, thus, the FBI eventually arrested Kriuchkov on August 22, 2020. The cybercriminal was charged under Title 18, United States Code, Section 371, on the count of “Conspiracy to Intentionally Cause Damage to a Protected Computer.”

Tesla CEO Elon Musk accepted that the tech giant avoided a planned cyberattack owing to an earnest employee and acknowledged him on Twitter saying, “Much appreciated.”

However, it’s time for corporates to stay vigilant about such insider threats because, “Buddy, money can make you do things that you don’t want to do.”