Typically, ransomware gangs operating from safehouses hack into victim networks on the internet and download data before activating the ransomware.

Russian admits plot against Tesla in Nevada

Febin MathewMarch 21, 21 Elon Musk, Nevada, Tesla

Russian man pleads guilty in US to offering Tesla employee $1 million to cripple electric car company’s massive electric battery plant in Nevada with ransomware and steal company secrets for extortion , prosecutors and court records said.

In a case that cybersecurity experts called exceptional for the risks he took, Egor Igorevich Kriuchkov pleaded guilty on Thursday in US District Court in Reno. His court-appointed federal public defender, Chris Frey, declined to comment on Friday.

Prosecutors alleged that Kriuchkov acted on behalf of co-conspirators abroad and attempted to use face-to-face corruption to recruit an insider to physically install ransomware, which scrambles data on targeted networks and does not can be unlocked only with a software key provided by the attackers. . Typically, ransomware gangs operating from safehouses hack into victim networks on the internet and download data before activating the ransomware.

“The fact that such a risk was taken could perhaps suggest that it was an intelligence operation aimed at obtaining information rather than an extortion operation aimed at obtaining money,” said Brett Callow, cybersecurity analyst at antivirus software publisher Emsisoft.

It’s also possible that the criminals thought the bet was worth it and decided to roll the dice, Callow said.

Charles Carmakal, CTO of cybersecurity firm FireEye, agrees. You could have done it thousands of miles away without risking any assets, he said.

The FBI said the plot was stopped before any damage occurred.

Kriuchkov, 27, told a judge in September that he knew the Russian government was aware of his case. But prosecutors and the FBI have not alleged ties to the Kremlin. Kriuchkov is being held by the federal government at Washoe County Prison in Reno.

His guilty plea for conspiracy to intentionally damage a protected computer could have earned him up to five years in prison and a fine of $250,000. But he is not expected to face more than 10 months under his written plea agreement.

He has already been in detention for seven months, since his arrest in August in Los Angeles. Federal officials said he was heading for an airport to leave the country.

“The swift response from the company and the FBI prevented a major exfiltration of victim company data and ended the extortion program from its inception,” Acting Deputy Attorney General Nicholas McQuaid said in a statement. This case highlights the importance for businesses of coming forward to law enforcement and the positive results they are doing.

Tesla CEO Elon Musk admitted his company was the target of what he called a serious effort to collect company secrets. Tesla has a massive factory near Reno that manufactures batteries for electric vehicles and energy storage units. Company representatives did not immediately respond to the messages on Friday.

Court documents indicate that Kriuchkov was in the United States for more than five weeks last July and August on a Russian passport and tourist visa when he attempted to recruit an employee of what has been identified as the “company”. A to install software that enables hacking.

The employee, who has not been identified, was to receive payments in the digital cryptocurrency Bitcoin.

No other alleged co-conspirator has been charged in this case. Some have been identified in a criminal complaint by nicknames such as Kisa and Pasha, and one person is identified as Sasha Skarobogatov.

Some meetings were monitored and recorded by the FBI, according to court documents. It was not clear from court records whether the money was changing hands.

In court documents, Kriuchkov reportedly said internal work would be camouflaged by a distributed denial of service attack on the factory’s computers from outside. Such attacks overwhelm servers with unwanted traffic. If Tesla didn’t pay, the stolen data would be dumped on the open internet.

The documents also indicate that Kriuchkov told the potential recruit that he carried out similar “special projects” on other companies on several occasions, with one victim allegedly paying a ransom of $4 million.