The FBI released information this week on the arrest of Egor Igorevich Kriuchkov, a 27-year-old Russian citizen, who it claims was part of a group that attempted to extort millions of dollars from a company in Nevada, which has now been identified as Tesla.
According to the complaint, Kriuchkov traveled to the US in July on a tourist visa and made contact with a Russian-speaking employee at Tesla Gigafactory Nevada.
He met the employee, who remains anonymous in the complaint, several times socially before offering to pay him to help introduce malware into Tesla’s internal computer system in order to extract corporate data and affect Tesla’s operations.
The FBI launched a sting operation with the employee, who wore a wire and shared text communications with Kriuchkov as they were negotiating the terms of the malware attack.
This is how such a scheme works:
- The hacker needs to infect the computer system with malware.
- This can be done via ransomware but in this case they went directly to an employee.
- Once it is installed, they have access to all the company’s secrets and can extort the company for payment. This is so-called extortionware, the evolution of ransomware.
- To get it started, a Russian visitor on a tourist visa made contact with a Russian-speaking Tesla Gigafactory worker.
- The employee was invited to take part in a “special project.”
- Once he installed the malware, the hackers would engage in a distributed denial-of-service attack (DDoS) against the company in an effort to distract their anomaly detection software from noticing a large amount of data being siphoned off the network.
- The worker would then get paid one million dollars.
- The worker was advised to use the anonymizing TOR browser and to set up a bitcoin wallet using these means.
- Communication was to take place over WhatsApp on a provided telephone.
- The phone was to be left in airplane mode until a signal was sent from the hacking group.
- He was instructed to delete messages after they were sent.
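
The DDoS in this scheme is meant to pull attention toward inbound traffic while data leaves the network. As an added example (not from the FBI complaint or from Tesla), the following Python checks each internal host's outbound volume against its own baseline regardless of the inbound flood, and ranks alerts that overlap a flood first; the hosts, byte counts and the 10x threshold are constructed assumptions.

```python
from statistics import median

# Constructed per-minute samples for illustration, not real telemetry.
# Inbound packets per second seen at the network edge, keyed by minute.
INBOUND_PPS = {0: 900, 1: 950, 2: 1000, 3: 980,
               4: 60000, 5: 75000, 6: 72000, 7: 1000}
# Outbound bytes per internal host, one value per minute (index = minute).
EGRESS = {
    "10.0.0.5": [2_000_000, 2_100_000, 1_900_000, 2_000_000,
                 2_200_000, 2_000_000, 2_100_000, 2_000_000],
    "10.0.0.9": [1_000_000, 1_200_000, 900_000, 1_000_000,
                 400_000_000, 500_000_000, 450_000_000, 1_000_000],
}

def flood_minutes(inbound, factor=10):
    """Minutes whose inbound rate exceeds factor x the median rate."""
    base = median(inbound.values())
    return {m for m, pps in inbound.items() if pps > factor * base}

def egress_alerts(egress, inbound, factor=10):
    """Flag minutes where a host sends more than factor x its own median.

    The egress check never consults the inbound alert state to decide
    whether to fire, so a flood cannot mask it. Overlap with a flood is
    recorded and used only to rank the alert higher.
    Simplification: the baseline is the median of the same window; a
    production baseline would come from a longer history per host.
    """
    flood = flood_minutes(inbound, factor)
    alerts = []
    for host, series in egress.items():
        base = median(series)
        for minute, sent in enumerate(series):
            if sent > factor * base:
                alerts.append({
                    "host": host,
                    "minute": minute,
                    "bytes_out": sent,
                    "during_flood": minute in flood,
                })
    # Alerts that coincide with a flood sort first.
    return sorted(alerts, key=lambda a: (not a["during_flood"], a["minute"]))

if __name__ == "__main__":
    for alert in egress_alerts(EGRESS, INBOUND_PPS):
        print(alert)
```
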
Thankfully, Tesla got lucky.
The employee notified authorities, and the FBI got involved and charged Kriuchkov with Conspiracy to Intentionally Cause Damage to a Protected Computer.
Had the employee not come forward, Tesla might have been forced to pay many millions or tens of millions of dollars to protect its information and keep it from being leaked or sold to competitors.
Moreover, the company might never have found out how it was infected with the malware, and the worker could even still be working there today.
Ask the experts at Apex Technology Services about how we can help your organization stay secure.