UPDATED 08:59 EST / FEBRUARY 20 2018

INFRA

Confidential data stolen from Tesla after staff failed to secure cloud server

Updated:

Elon Musk may be able to send a Tesla Inc. vehicle into space, but apparently his staff can’t secure data online so easily. A shocking report released this morning details the theft of data from the electric car company, blaming it on gross staff incompetency.

According to researchers at cloud security firm RedLock Ltd., hackers infiltrated Tesla’s Kubernetes software console after the company failed to secure it with a password. Within one of the Kubernetes pods, a group of software containers deployed on the same host, sat the access credentials to Telsa’s Amazon Web Service Inc. account.

The hackers then stole confidential data, including vehicle telemetry, from an AWS S3 storage instance. It’s not clear from the report whether any of the data included personal identifying information relating to Tesla customers but the hackers were able to steal confidential data from the company.

Because it’s the fashion in 2018, the hackers then installed cryptomining software, including sophisticated evasion measures to hide the installation. Among measures to hide their activities: The hackers did not use a public mining pool and instead installed mining pool software on Tesla’s Kubernetes console, for one. They also hid the true IP address of the mining pool server behind CloudFlare’s content delivery network service and configured the mining software to listen on a nonstandard port, making it more difficult to detect. Finally, they configured the mining software to keep usage low to avoid computer processor spikes that may have resulted in detection.

Details of the Tesla data breach and cryptomining hijacking were detailed in Cloud Security Trends February 2018, a new report from RedLock’s CSI team that looks at the current state of cloud security, including cryptocurrency hacking.

“The message from this research is loud and clear — the unmistakable potential of cloud environments is seriously compromised by sophisticated hackers identifying easy-to-exploit vulnerabilities,” RedLock Chief Technology Officer Gaurav Kumar said in a statement.

“In our analysis, cloud service providers such as Amazon, Microsoft and Google are trying to do their part, and none of the major breaches in 2017 was caused by their negligence,” he added. “However, security is a shared responsibility: Organizations of every stripe are fundamentally obliged to monitor their infrastructures for risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities. Without that, anything the providers do will never be enough.”

Update: A Tesla spokesperson provided the following statement to SiliconANGLE: “We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”

Photo: Best Dash Cam Accidents

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU