Sometimes, the events that transpire inside a company could be just as exciting and nail-biting as the most popular thrillers in fiction. In Tesla’s case, such a scenario recently played out, as a worker in Gigafactory Nevada ended up turning down a $1 million incentive, working closely with the FBI, and thwarting a planned cybersecurity attack against the electric car maker.
This Tuesday, the Department of Justice announced the arrest of Egor Igorevich Kriuchkov, a Russian citizen accused of conspiring to breach the network of a US company and introduce malware to compromise the said company’s networks. Media reports about the incident have identified the US company to be electric car maker Tesla. Interestingly enough, a criminal complaint filed by the FBI Las Vegas Field Office suggests that the attempted cybersecurity attack is no ordinary hacking attempt — it may very well be part of a well-financed, organized, scheme.
THE PLAN BEGINS
The remarkable story began when a Russian-speaking, non-US citizen working at Tesla’s Gigafactory Nevada was contacted by Kriuchkov. The employee, whose identity has not been revealed, has access to the electric car maker’s computer networks. On July 16, the Russian citizen contacted the Giga Nevada employee through WhatsApp asking to meet with him in Sparks, Nevada. As noted in a report from Clearance Jobs, the fact that Kriuchkov approached a Russian-speaking, non-US citizen working at Gigafactory Nevada suggests that the team behind the cyberattack attempt has done their research well.
The Tesla employee, some colleagues, and Kriuchkov met socially from August 1-3, which included a trip to Lake Tahoe. Interestingly enough, Kriuchkov reportedly declined to be present in any photos that were taken during the trip. At one point when the group was taking a photo during a picturesque sunset, Kriuchkov reportedly remarked that he would “just remember the beauty of the sunset and did not need a photograph.” After the relatively harmless Lake Tahoe trip, the Russian citizen asked the Tesla employee to meet with him for some “business.”
DOWN TO “BUSINESS”
During their “business” meeting, Kriuchkov revealed his hand. The plan involved the Tesla employee inserting malware provided by Kriuchkov and his associates to the electric car maker’s systems. After the malware is inserted, a distributed denial of service (DDoS) attack would occur that could allow the hackers to occupy the Tesla information security team. The malware would also allow the hackers to extract corporate and network data, which would be held ransom until the electric car maker pays up. For his participation in the ploy, the Gigafactory Nevada employee would receive $500,000, later raised to $1 million, to be paid in cash or bitcoin.
Unfortunately for Kriuchkov and his team, the Giga Nevada employee actually reported the planned cybersecurity attack on Tesla, which, in turn, contacted the FBI. The FBI stepped in, and with the agency’s help, the Tesla employee continued to communicate with Kriuchkov, trying to get as much information as possible about the hackers’ processes, procedures, and infrastructure. The efforts proved fruitful. In one conversation, the hacker reportedly boasted that his team had recently received a ransom worth over $4 million from a high profile company. Later reports would reveal that the company in question was CWT Travel, which reportedly paid a ransom of $4.5 million.
THE PLAN FALLS THROUGH
During a meeting on August 19, the Tesla employee, wearing a wire from the FBI, met with Kriuchkov. The hacker agreed to pay an advance of $11,000 to the Giga Nevada worker. Two days later, on August 21, the Tesla employee was contacted by the hacker once more, who stated that the project was being “delayed” and all payments relating to the plan would not be transferred until a later date. Kriuchkov also informed the Tesla employee that he was leaving the area the following day. Behind the scenes, the FBI was able to get in touch with the hacker, who, in turn, drove overnight from Reno, Nevada to Los Angeles in what appeared to be an attempt to flee the United States.
Kriuchkov was unsuccessful, as he was arrested on August 22, 2020 in Los Angeles. The hacker is currently being detained pending trial. Fortunately for Tesla, the company was able to get away from what could have been a serious cybersecurity attack, and it has one employee to thank for it. It takes a lot, after all, to say no to a $1 million reward, as others have compromised more far more for far less.
Read the FBI’s complaint against Kriuchkov below.
In the context of the false and misleading interpretations spread by Bemol Retail SRL (“Bemol Retail”) and close media of the judgment of the Amsterdam Court of Appeal dated 7 September 2021, Danube Logistics SRL , as a general investor and operator of Giurgiulesti International...( ) Read all
Let me first congratulate all of you with the 30th anniversary of the independence of the Republic of Moldova. On this occasion one can recall that even before declaring its own independence, Moldova became the first country to recognise the restored independence of the Republic of...( ) Read all
U.S. President Joe Biden proposed a summit meeting with Russian President Vladimir Putin during a telephone call on Tuesday in which he stressed the U.S. commitment to Ukraine's territorial integrity and voiced concern about a Russian military build-up in Crimea and on Ukraine's borders,...( ) Read all
The European Bank for Reconstruction and Development (EBRD) is enforcing rights under its financing and security documents with regards to Danube Logistics Holding BV’s shareholding in Danube Logistics SRL (Danube Logistics), the operator of Giurgiulesti International Free Port in the...( ) Read all
EBA Moldova is following with great concern the latest developments regarding Danube Logistics SRL, the owner and operator of Giurgiulesti International Free Port, the only port of the Republic of Moldova.( ) Read all
The European Bank for Reconstruction and Development (EBRD) intends to fight a legal decision to impose external administration over the assets of Danube Logistics SRL, the operator of Giurgiulesti International Free Port in Moldova.( ) Read all
One August day in the mid-1960s, my parents boarded a bus in the village of Hartopul Mare in the center of Moldova to travel to the capital Chisinau, determined to get a better education and better jobs in the Soviet planned economy. It was a 90-minute trip in a vehicle packed with about 50...( ) Read all
On Thursday 3 December, the Parliament of the Republic of Moldova voted on a number of legislative proposals, including on limitations of Presidential powers, tabled in a hasty and non-transparent manner.( ) Read all
Seven people died from methanol (wood alcohol) poisoning after drinking hand sanitizer at a party in Russia. Nine people, with ages ranging from 27 to 69 years old, were partying when they opted to drink hand sanitizer after running out of alcoholic beverages, according to local Russian...( ) Read all
On 25 August 2020 the Constitutional Court of the Republic of Belarus (thereinafter – the CCRB) adopted a document entitled the “Constitutional Legal Position on the Protection of the Constitutional Order” (Kонституционно-правовaя позиция по...( ) Read all
Leaked documents shed a light on Deutsche Bank's central role in facilitating financial transactions deemed suspicious. Many of these could have enabled the circumvention of sanctions on Iran and Russia.( ) Read all
On 12 May 2020 the Chișinău Appeals Court barred Danube Logistics SRL from transferring funds to its Dutch shareholder Danube Logistics Holding BV. Danube Logistics SRL is the operator of Giurgiulești International Free Port located on the maritime section of the Danube.( ) Read all
On the building that once housed the local headquarters of the Soviet secret police in the Russian city of Tver, where 80 years ago thousands of Polish prisoners of war were murdered, plaques commemorating the victims of Stalinist crimes were today removed.( ) Read all