Tesla Motors recently announced its entry into India, investing through a tax-friendly Dutch jurisdiction. Tesla has registered its Indian subsidiary in Bangalore and finalized its headquarters, with 3 directors appointed.
But Tesla needs to consider its security measures as well. Recent illicit cryptocurrency mining attacks now target Tesla too. Researchers from the defense firm RedLock recently found mining malware in Tesla's Amazon Web Services environment.
The cloud monitoring and defense firm found that some of Tesla's Amazon Web Services resources were being used by threat actors to mine cryptocurrency with mining malware, as part of a stealthy cryptojacking campaign.
Once Tesla learned of the incident from the researchers, the company decontaminated the environment and took preventive and remediation measures, locking down its cloud platform within a day.
Tesla Motors' initial statement on the incident was that the data exposure was very minimal and not a cause for worry, but the resource impact could be heavier, in the form of a huge electric bill.
How Did the Hack Happen?
During a routine scan for publicly exposed, misconfigured and unsecured servers, the researchers learned that an “open server was running Kubernetes, which was doing crypto mining,” says Gaurav Kumar, Chief Technology Officer of RedLock, and they found that it belonged to Tesla.
Attackers accessed the Kubernetes console, an administrative portal for cloud application management, which had no password protection. From there, the attackers found that the console or storage containers included login credentials for a broader Tesla Amazon Web Services cloud environment, and they deployed their scripts to establish their cryptojacking operation, which used the Stratum bitcoin mining protocol.
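The Stratum mining protocol mentioned above is newline-delimited JSON-RPC, so its session-opening methods can be matched in cleartext egress traffic from cluster workloads. The following detection sketch is an added example, not part of the original article or RedLock's tooling; the flow tuples, pod names and addresses are constructed, and the function names are hypothetical.

```python
import json

# Client-to-pool methods of Stratum v1, which is newline-delimited JSON-RPC over TCP.
STRATUM_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit"}


def stratum_methods(payload: bytes) -> list:
    """Return the Stratum client methods seen in one cleartext TCP payload."""
    found = []
    for line in payload.splitlines():
        try:
            msg = json.loads(line)
        except ValueError:  # not JSON (HTTP, TLS records, binary): skip the line
            continue
        method = msg.get("method") if isinstance(msg, dict) else None
        if isinstance(method, str) and method in STRATUM_METHODS:
            found.append(method)
    return found


def flag_miners(flows):
    """Map each source workload to the destinations it spoke Stratum to.

    Matching on payload rather than port catches pools on non-default ports.
    TLS-wrapped Stratum is invisible here and needs destination-based detection.
    """
    hits = {}
    for src, dst, payload in flows:
        methods = stratum_methods(payload)
        if methods:
            hits.setdefault(src, {}).setdefault(dst, []).extend(methods)
    return hits


# Constructed sample egress flows: (source pod, destination, first payload bytes).
SAMPLE_FLOWS = [
    ("pod/api-1", "198.51.100.7:443", b"GET /health HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    ("pod/batch-9", "203.0.113.10:8443",
     b'{"id":1,"method":"mining.subscribe","params":["agent/1.0"]}\n'
     b'{"id":2,"method":"mining.authorize","params":["worker1","x"]}\n'),
    ("pod/rpc-2", "198.51.100.9:8545", b'{"id":1,"method":"eth_blockNumber","params":[]}\n'),
    ("pod/bin-3", "198.51.100.3:9000", b"\x16\x03\x01\x02\x00\x01\xff\xfe"),
]

if __name__ == "__main__":
    for src, dsts in flag_miners(SAMPLE_FLOWS).items():
        print(src, dsts)
```

Only the constructed `pod/batch-9` flow is flagged; the HTTP request, the unrelated JSON-RPC call and the binary payload are ignored.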
Tesla awarded the RedLock researchers a bounty of more than $3000 for the finding.
It is difficult to measure how much the attackers accomplished before being discovered. The compromised cloud platform contained an S3 bucket that holds various sensitive data, such as vehicle and mapping information and other instrument telemetry.
A Tesla spokesperson said in a statement: “We addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”
What Will Happen in the Future?
As public cloud platforms keep growing these days, hackers target them for cryptojacking campaigns because they can mine huge amounts of bitcoin under the radar, using huge amounts of processing power.
This is just another example of such attacks. Attackers are still mining more than $3 million from misconfigured servers like the one Jenkins faced.
Hackers target the public cloud because of its downside: user error is more common, which makes it easy to target.
Organizations need to improve and enhance their security models and policies to ensure strict and proper security for their assets.
We hope nothing happens to our assets after Tesla's huge entry into India.
“Security Starts within Yourself”
-Security Analyst & Trainer.