Blog: Hackers hijack Tesla systems

March 6th, 2018

Reports have emerged that hackers gained access to Tesla compute resources to carry out what is called “cryptojacking,” where computers are hijacked to mine cryptocurrencies. Mining a bitcoin transaction requires immense computing resources to authenticate a transaction. On successfully authenticating a transaction the “miner” receives a financial reward. Instead of maintaining the computing resources needed to “mine” the cryptocurrency, the hackers stole Tesla’s Amazon Web Services cloud resources.

While individuals can opt to use their own PCs to mine cryptocurrency via specialist software, hackers have also been surreptitiously hijacking computers to steal compute power for the same purpose. They then reap the financial benefits of the cryptocurrency mining. By stealing compute resources, hackers avoid the energy costs of powering the systems that are doing the work.

The Tesla intrusion involved accessing a cloud system. In this case the hackers not only gained unauthorized access to non-public Tesla data, but were also stealing compute resources within Tesla’s Amazon Web Services (AWS) environment for cryptojacking.

Specifically, the hackers gained access to an administrative console on an open source software used by Tesla to manage applications. This was then used to expose access credentials to the company’s AWS cloud, which in turn gave access to non-public Tesla information stored on Amazon’s Simple Storage Service (S3).

The Elon Musk-led technology company said in a statement to the media that hackers only gained access to a limited amount of data and that no customer data was compromised.

Crowe Mackay cybersecurity team helps establish an effective cybersecurity governance, risk and compliance (GRC) structure, and delivers a range of specialized cybersecurity risk management services.

Stay Connected. Sign up to receive our quarterly newsletter, important tax and financial insights, specialized reports and bulletins.

Our Clients Speak