This post was originally published on September 15, 2020.
The FBI recently announced the arrest of Russian national Egor Igorevich Kriuchkov, charged with a conspiracy to recruit an employee of Tesla and attempt to “introduce malicious software into the company’s computer network, extract data from the network, and extort ransom money from the company.”
The Tesla employee—whose name hasn’t been revealed—worked at the Tesla Gigafactory in Sparks, Nevada. Media reports say the suspect first initiated contact with the employee in 2016 but only started to intensify communication from July this year.
Kriuchkov arrived in the U.S. on a tourist visa on July 28 and rented a car to go meet the Tesla employee in Nevada. Over the course of several meetings, the alleged hacker attempted to gain the employee’s trust by taking him out for dinners and a trip to nearby Lake Tahoe.
Eventually, Kriuchkov revealed his real intentions. He offered the Tesla employee a sum of 1 million USD if he were to assist in introducing malware into the Tesla network.
Prosecutors say the plan was to let the malware spread in order to extract as much data as possible. The next steps would be to force Tesla to pay a ransom or threaten to make the information public. Kriuchkov gave the employee a burner phone for better coordination with all the conspirators and asked him to keep it in airplane mode until after he received his funds.
Loyalties with Tesla
Immediately after the meeting, the Tesla employee alerted his company, which proceeded to inform the FBI. The employee maintained contact with Kriuchkov, however, letting him believe that he was on board with the plot.
The FBI set up a sting operation, with the Tesla employee wearing a wiretap in meetings with Kriuchkov. Precise details of the attacks were discussed, with the in-depth complaint chronicling how the employee was instructed to insert an infected USB stick and keep the machine running for six to eight hours for the malware to inflict maximum damage.
In some of his conversations, Kriuchkov boasted that his hacker group had successfully targeted and extorted other companies in the past. The complaint, however, doesn’t disclose which hacker group Kriuchkov is associated with.
FBI agents continued to surveil Kriuchkov during his stay in the U.S., gathering evidence about his motives. He was finally arrested on August 22 as he attempted to fly out of Los Angeles airport. By this time, the attack’s details had been finalized, with multiple calls and meetings confirming the payments to be made to the Tesla employee and the steps to follow.
Much appreciated. This was a serious attack.
— Elon Musk (@elonmusk) August 27, 2020
Beautiful story! Thanks for this.
One minor discordant note: regarding the “sting operation”, “wearing a wiretap”… May I suggest that IMHO, a “wiretap” is not something that one can wear; “wearing a wire” would be the correct terminology, as “wire” in this usage is usually understood to mean a concealed, miniature microphone with radio transmitter plus antenna. In the dark ages, the antenna was a simple wire and all hidden under the person’s clothing, out of sight.
One serious and respectful question: What happened to the honest and honorable employee, after the arrest was made? I.e., what if any reward was conferred, and what degree of protection was provided for how long? After all, the bad guy(s) knew his ID, his location, the car he drove, surely his wife and children (or significant other), etc. When eventually released, the Russian likely would want revenge, and/or his gang as well.