A new report released yesterday by RedLock’s Cloud Security Intelligence team shows that the cloud environment of Elon Musk’s Tesla was hijacked by hackers and used to mine cryptocurrencies.
The issue has since been addressed, after the Tesla team was notified of the intrusion. Part of the problem can be traced back to the fact that the Tesla cloud team was running hundreds of open source systems that were easily accessible online and didn’t have any password protection.
This made it easy for hackers to access the electric vehicle company’s Amazon cloud environment. The RedLock report shows, however, that there is no sign the breach impacted the security of the vehicles or that of its customers.
An email sent to Gizmodo from a Tesla spokesperson read:
“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it,”
“The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”
RedLock believes the hackers’ motivation was not access to the data stored on Tesla’s servers but mining cryptocurrencies, since that represents a more valuable use of the servers.
Gaurav Kumar, the CTO of RedLock, told Gizmodo:
“The recent rise of cryptocurrencies is making it far more lucrative for cybercriminals to steal organizations’ computing power rather than their data,”
“In particular, organizations’ public cloud environments are ideal targets due to the lack of effective cloud threat defense programs. In the past few months alone, we have uncovered a number of cryptojacking incidents including the one affecting Tesla.”
Kumar points out that the hackers use a number of tactics to disguise their activity, including keeping CPU usage low, using the Stratum mining protocol, and evading detection by hiding the IP address of the mining pool server behind Cloudflare, among many other tactics.
On addressing how to combat the security issue, Kumar says:
“Organizations of every stripe are fundamentally obliged to monitor their infrastructures for risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities. Without that, anything the providers do will never be enough.”
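An added example (not from RedLock’s report or from Tesla) of monitoring for the suspicious network traffic mentioned above: since the pool’s IP address is hidden behind Cloudflare and CPU usage is kept low, it flags flows by Stratum message content rather than by destination or load. The method names, the flow-record layout and the sample flows are assumptions constructed for illustration, and the check only sees plaintext Stratum.

```python
import json
from collections import defaultdict

# Assumed method names from commonly documented Stratum variants (not on the page).
STRATUM_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit",
                   "mining.notify", "mining.set_difficulty"}


def stratum_method(line: bytes):
    """Return the Stratum method in one newline-delimited JSON line, else None."""
    try:
        msg = json.loads(line.decode("utf-8"))
    except (UnicodeDecodeError, ValueError):
        return None
    if not isinstance(msg, dict) or not isinstance(msg.get("method"), str):
        return None
    method, params = msg["method"], msg.get("params")
    if method in STRATUM_METHODS:
        return method
    # Some pools use a generic "login" call; require its params shape too.
    if (method == "login" and isinstance(params, dict)
            and {"login", "pass"}.issubset(params)):
        return method
    return None


def find_stratum_flows(flows):
    """Map (src, dst, dport) to the sorted Stratum methods seen in its payload."""
    hits = defaultdict(set)
    for src, dst, dport, payload in flows:
        for line in payload.splitlines():
            method = stratum_method(line.strip())
            if method:
                hits[(src, dst, dport)].add(method)
    return {flow: sorted(methods) for flow, methods in hits.items()}


# Constructed sample flows using documentation addresses, not real traffic.
SAMPLE_FLOWS = [
    ("10.0.1.15", "203.0.113.10", 443, b"GET /health HTTP/1.1\r\n\r\n"),
    ("10.0.1.15", "198.51.100.7", 8545,
     b'{"id":1,"jsonrpc":"2.0","method":"eth_blockNumber","params":[]}\n'),
    ("10.0.2.20", "192.0.2.44", 3333,
     b'{"id":1,"method":"mining.subscribe","params":["agent/1.0"]}\n'
     b'{"id":2,"method":"mining.authorize","params":["worker1","x"]}\n'),
    ("10.0.2.21", "192.0.2.44", 8080,
     b'{"id":1,"method":"login","params":{"login":"WALLET","pass":"x"}}\n'),
]
print(find_stratum_flows(SAMPLE_FLOWS))
```

The two non-mining flows (an HTTP request and an unrelated JSON-RPC call) are ignored, which is the false-positive case a content-based rule has to handle.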