Tesla targetted in failed ransomware extortion scheme

BOSTON (AP) — In a tweet, Tesla CEO Elon Musk solved a mystery involving a 27-year-old Russian, an insider at an unnamed corporation and an alleged million-dollar payment offered to help trigger a ransomware extortion attack on the firm.

Prosecutors declined to name the target, but Musk was happy to oblige. According to the billionaire, the scheme took aim at the electric car company’s 1.9 million-square-foot factory in Sparks, Nevada, which makes batteries for Tesla vehicles and energy storage units.

“This was a serious attack,” Musk tweeted on Thursday night, responding to a Tesla blog post that detailed the brazen scheme.

Defendant Egor Igorevich Kriuchkov tried to recruit a fellow Russian speaker who worked at the plant, according to a criminal complaint filed in United States (US) District Court in Nevada.

Reaching out to the unnamed worker via WhatsApp in July, Kriuchkov allegedly flew to the US with a Russian passport on a tourist visa and sought to entice the worker to betray Tesla. Kriuchkov allegedly took the worker, who he’d he’d first met in 2016, on a road trip to Lake Tahoe before offering the person USD1 million to plant malware on computer systems at ‘Victim Company A’.

Kriuchkov floated the scheme on August 3, the complaint said.

But the plant worker informed Tesla, which contacted the FBI and won the employee’s cooperation. In subsequent meetings monitored and recorded by federal agents, Kriuchkov laid out a scheme to have the worker infect Tesla computers with a programme that would steal valuable data before scrambling plant systems with ransomware, according to the complaint.

Kriuchkov was quoted as saying the inside job would be camouflaged with a distributed denial of service attack on plant computers from outside. Such attacks overwhelm servers with junk traffic.

If Tesla didn’t pay, the purloined data would be dumped on the open Internet.

A sign marks the entrance to the Tesla Gigafactory in Sparks, Nevada. PHOTO: AP