Tesla's cloud storage in the Amazon Web Services (AWS) environment was hacked and used for mining cryptocurrency. RedLock, an Indian security research firm, detected and reported the security breach. The process of hacking a website and mining cryptocurrency is called cryptojacking. The unidentified hackers infiltrated Tesla's Kubernetes, an open-source system for automating deployment, scaling and management of applications, which was not protected by a password.
One section of the Kubernetes environment, called a pod, which contained sensitive data such as telemetry, was also exposed to the hackers.
According to a blog post by RedLock, the hackers didn't use a public 'mining pool'; instead, "they installed mining pool software and configured the malicious script to connect to an “unlisted” or semi-public endpoint. This makes it difficult for the standard IP/domain based threat intelligence feeds to detect the malicious activity." They had also hidden the true IP address of the mining pool server and used a new on-demand IP address to make detection more challenging.
Taking it to the next level, the Tesla hackers configured the mining software to keep CPU usage low and used a non-standard port to avoid being detected easily.
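The evasion described above defeats checks that rely on known-bad addresses or on CPU spikes. The following Python sketch is an added example, not code from RedLock or Tesla: it runs three checks over constructed flow records to show which one still catches a throttled miner talking to an unlisted endpoint. All pod names, addresses, ports and thresholds are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Flow:
    pod: str
    dst_ip: str
    dst_port: int
    duration_s: int  # how long the outbound connection stayed open
    cpu_pct: float   # average pod CPU while it was open

# Constructed sample data; addresses are RFC 5737 documentation ranges.
FLOWS = [
    Flow("web-7f9c", "198.51.100.10", 443, 12, 35.0),       # short call to approved host
    Flow("batch-2b1d", "198.51.100.20", 443, 4000, 92.0),   # heavy but legitimate job
    Flow("cache-55aa", "198.51.100.30", 6379, 7200, 10.0),  # odd port, approved host
    Flow("test-pod-x", "203.0.113.77", 4545, 86000, 18.0),  # throttled miner, unlisted endpoint
]
THREAT_FEED = {"192.0.2.50"}                    # assumed feed: known public pool IPs only
EGRESS_ALLOW = [ip_network("198.51.100.0/24")]  # assumed approved destinations
EXPECTED_PORTS = {53, 80, 443}                  # assumed normal egress ports
MIN_DURATION_S = 1800                           # assumed "long-lived" threshold

def feed_hits(flows):
    """IP-reputation check: matches only destinations already on the feed."""
    return [f for f in flows if f.dst_ip in THREAT_FEED]

def cpu_alerts(flows, threshold=80.0):
    """Resource alarm: fires on high CPU, so a throttled miner stays under it."""
    return [f for f in flows if f.cpu_pct >= threshold]

def behaviour_hits(flows):
    """Flag long-lived egress to an unapproved host on an unexpected port."""
    def approved(ip):
        return any(ip_address(ip) in net for net in EGRESS_ALLOW)
    return [f for f in flows
            if not approved(f.dst_ip)
            and f.dst_port not in EXPECTED_PORTS
            and f.duration_s >= MIN_DURATION_S]

if __name__ == "__main__":
    for name, check in [("feed", feed_hits), ("cpu", cpu_alerts), ("behaviour", behaviour_hits)]:
        print(name, [f.pod for f in check(FLOWS)])
```

The feed check returns nothing and the CPU alarm fires only on the legitimate batch job, while the egress-behaviour check isolates the one pod holding a day-long connection to an unapproved address.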
According to a report on Gizmodo, a Tesla spokesperson said "there is no indication the breach impacted customer privacy or compromised the security of its vehicles." He also mentioned that, because of the bug bounty program, the vulnerability was exposed within hours of learning about it and that the impact has been limited to engineering test cars only.
According to the report, RedLock CTO Gaurav Kumar said, "The recent rise of cryptocurrencies is making it far more lucrative for cyber-criminals to steal organisations’ computer power rather than their data." He added that "In particular, organisations’ public cloud environments are ideal targets due to the lack of effective cloud threat defence programs."
The CTO of the research company anticipated an increase in the scale and velocity of cyber-crime. He added that breaches at cloud service providers were not the fault of the companies but that security is a 'shared responsibility'.
The research company RedLock estimates that 8 percent of organisations will face attacks by cryptojackers and that most of them will go undetected because of ineffective network monitoring. RedLock also estimates that 58 percent of organisations have “publicly exposed at least one cloud storage service” and that 66 percent of the databases were not encrypted.
Published Date: Feb 21, 2018 10:11 AM | Updated Date: Feb 21, 2018 10:11 AM