Tesla Worker Helps The Company Evade Ransomware Attack

Last week, the U.S. Department of Justice reported the arrest of Egor Igorevich Kriuchkov, a 27-year-old Russian citizen, on a count of plotting a malware attack against a world-renowned corporation in Nevada. The detainee reportedly offered a company employee $1 million to introduce malware, in the form of ransomware, into the firm’s computer network at one of its facilities.

Two days later, on Aug. 27, Elon Musk confirmed in a tweet that the attack aimed to disrupt Tesla’s Gigafactory in Sparks. The plot failed to materialize thanks to one employee who not only turned down the hefty compensation but also informed Tesla officials who, in turn, collaborated with agents from the FBI. Subsequently, they caught Kriuchkov as he attempted to leave the U.S.

Ransomware Perp Targets Big Corp

The origins of the conspiracy date back to mid-July. Egor Igorevich Kriuchkov approached the Tesla worker via WhatsApp, arranging to meet him in early August. The employee turned out to be an acquaintance of Kriuchkov's dating from 2016. Having entered the States on a B1/2 visa, Kriuchkov took the employee on a couple of trips nearby, including a stop at Lake Tahoe, before revealing the real reason for his visit. The scheme relied on the employee's willingness to introduce a malicious payload (either via a USB thumb drive or through a malicious email attachment) into Tesla's network systems at its Sparks-based electric car battery plant.

The ultimate goal was to exfiltrate sensitive corporate data to an external server and launch a full-on ransomware infection for extortion. First, however, the attackers would launch a DDoS attack to divert Tesla’s security analysts from the real threat running in the meantime. Once the data had been moved to the external server, Tesla’s officials would have to pay a few million dollars or risk having the data leaked publicly.

Tracking Down and Arresting the Ransomware Perpetrator

Thanks to the collaboration of the FBI, whose agents followed Kriuchkov's every move using electronic surveillance equipment, the planned attack never took off. On Aug. 22, Egor was arrested in L.A. Two days later, he appeared in court facing a charge of violating Section 371 in Title 18 of the United States Code, Conspiracy to Intentionally Cause Damage to a Protected Computer. If convicted, the Russian citizen could spend the next five years in prison and pay a $0.25 million penalty fee. The full text of the complaint can be found on the Justice Department's website.
