Tesla Cloud Hacked, Used To Mine For Cryptocurrency

A cloud environment owned and operated by Tesla was breached back hackers who used the company’s compromised machines and computer resources to mine for cryptocurrency, according to security researchers .

In a report published this week by security firm RedLock, it was revealed that Tesla suffered a breach as a result of the vehicle manufacturer failing to password protect an open-source system that contained keys to access the company’s cloud.

According to the report, once the attackers gained access to Tesla’s cloud servers, they began running a cryptocurrency mining protocol called Stratum to mine for valuable digital currency that they could pocket and profit off of.

“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it," Tesla said in a statement provided to International Business Times. "The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”

The attackers used Tesla’s cloud environment to do the dirty work of the mining process, essentially making the company’s computer do all the work while pocketing all of the profits generated from the operation.

A protocol called Stratum was used to carry out the attack, and the hackers managed to evade detection by obscuring the true IP address of the mining server and keeping the CPU usage low so as to not raise any suspicion.

“Mining cryptocurrency requires resources, and there’s no reason that criminals wouldn’t look for the same advantages from the cloud as other organizations,” Tim Erlin, vice president of product management and strategy at security firm Tripwire , told IBT. “Why make the effort of getting a human being to pay a ransom when you can use their resources to generate your own?”

Cryptojacking efforts like the one that hit Tesla are growing increasingly common. According to RedLock, nearly one in 10 organizations will face cryptojacking attacks, most of which are likely to go undetected. The security firm also found that 58 percent of organizations have “publicly exposed at least one cloud storage service” like Tesla did.

“We’ve seen numerous incidents with insecure configurations at their root,” Erlin said. “Organizations with cloud infrastructure must establish baselines for secure configurations and monitor them for changes.”

Mining for cryptocurrency is a task that involves solving complicated mathematical problems, which help to confirm and process transactions made with the digital coins. People lend their computing power to the compute-intensive process in order to solve the equations and receive a share of the currency as a reward for contributing.

Sam Bisbee, chief security officer at security firm Threat Stack , told IBT, “In order to address the challenges of cloud security and improve the situation, organizations must realize that cloud data security starts with knowing whether the services you use are risk-appropriate for the data stored there. IT and security professionals have to maintain an understanding of the value and sensitivity of their data in relation to where they store it.”

Bisbee said it can be a challenge to maintain security visibility for organization that have grown over time, but said it’s critical to recognize the damage that can be done by just one exposure. “Organizations must continually audit their environments to ensure that the correct protocols and controls are in place and their customers are not being exploited,” he said.