If someone hacks into Tesla’s system it would be assumed that it’s for proprietary information. However, a recent hack on the Tesla’s cloud was done not for the information but to make use of the network to mine for the cryptocurrency. The issue was initially spotted by cloud security firm RedLock. The research team of the firm noticed the mining scripts. Which was spotted when the computers were draining power due to power mining. The scripts were found on the Tesla systems.
The report of the event documented by the firm reported the finding an unprotected Kubernetes console which belonged to the Tesla. Kubernetes is used to deploy and autoscale websites which are hosted on a cloud platform. The open-source Google system is used all over the world to enterprise the world and all the hackers needed to get into Tesla’s environment was one unsecured console. Tesla is currently using web services from Amazon Web, which is the most widespread platform in the market.
RedLock researchers wrote about the incident saying, “The hackers had infiltrated Tesla’s Kubernetes console which was not password protected. Within one Kubernetes pod, access credentials were exposed to Tesla’s AWS environment which contained an Amazon S3 (Amazon Simple Storage Service) bucket that had sensitive data such as telemetry.” The firm said that as the popularity of cryptocurrency is increasing more people are trying to hack into the mining systems.
“The skyrocketing value of cryptocurrencies is prompting hackers to shift their focus from stealing data to stealing compute power in organizations’ public cloud environments. The nefarious network activity is going completely unnoticed.” RedLock said in its blog post.
The firm also released some suggestions for any website to prevent their cloud environment getting hacked. Following are the suggestions the firm released.
Monitor Network Configurations: According to RedLock, the owner of the website should invest in tools that can analyze resources upon creation and then set some policies for that resource.
Monitor Network Traffic: Keep an eye on the daily traffic on your site. This will help to give a clue if the numbers are suspicious. RedLock said that if Tesla was observing their network traffic, this issue could’ve been caught easily.
Look for Suspicious User Behaviour: RedLock recommended to monitoring the baseline used for a constant and later on tracking the even-based anomalies.
A Tesla representative emailed Ars Technica and said, “We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.” This is not the first time when a company has failed to secure their cloud account. A huge breach was faced by the global SIM card maker Gemalto and an insurance company Aviva. While the cryptocurrency is bouncing back from its lowest value, the companies with cloud frameworks should beware of any exploitative hacks.