HACKERS HAVE EXPLOITED Tesla's cloud environment to use its compute power to mine cryptocurrencies and catch a glimpse of the car maker's sensitive data.
The breach was discovered by RedLock security researchers, who were searching for the organisation behind an Amazon Web Services (AWS) account that was left open to the public; the account happened to belong to Elon Musk's Tesla.
The security boffins found data in the account that led them to an unsecured Kubernetes container console, which they discovered had enabled hackers to access Tesla's AWS cloud environment.
"In Tesla's case, the cyber thieves gained access to Tesla's Kubernetes administrative console, which exposed access credentials to Tesla's AWS environment," the researchers said.
"Those credentials provided unfettered access to non-public Tesla information stored in Amazon Simple Storage Service (S3) buckets."
RedLock's researchers continued to dig and discovered that cryptocurrency mining scripts had been operating on Tesla's Kubernetes instances.
Effectively, hackers were using Tesla's section of the mighty AWS public cloud to syphon off compute power to generate digital money, essentially making money off someone else's back. Clearly, access to the cloud power was more valuable than the Tesla data contained in the S3 buckets.
The hackers kept their 'cryptojacking' activity under Tesla's radar by installing mining pool software instead of using public mining pools, and then directed the script to connect to an unlisted endpoint, which makes the activity difficult to spot for threat detection systems that rely on lists of rogue IP addresses and domains.
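For defenders, the answer to an unlisted endpoint is to look at what a flow says rather than where it goes. The sketch below is an added example, not RedLock's tooling or anything from Tesla's environment; it assumes the miner speaks the Stratum JSON-RPC protocol in cleartext (which the report as quoted here does not confirm), and the flow records and addresses are constructed.

```python
import json

def stratum_methods(payload: bytes) -> list:
    """Return mining-protocol method names found in a newline-delimited JSON payload."""
    found = []
    for line in payload.split(b"\n"):
        line = line.strip()
        if not line.startswith(b"{"):
            continue                      # not a JSON object, e.g. an HTTP request line
        try:
            msg = json.loads(line)
        except ValueError:                # malformed JSON or invalid encoding
            continue
        if not isinstance(msg, dict):
            continue
        method, params = msg.get("method"), msg.get("params")
        if isinstance(method, str) and method.startswith("mining."):
            found.append(method)          # Bitcoin-style Stratum: mining.subscribe, ...
        elif (method == "login" and isinstance(params, dict)
              and {"login", "pass"}.issubset(params)):
            found.append("login")         # Monero-style Stratum login object
    return found

def flag_flows(flows):
    """flows: iterable of (src, dst, dport, payload). Return those carrying mining traffic."""
    alerts = []
    for src, dst, dport, payload in flows:
        methods = stratum_methods(payload)
        if methods:                       # destination reputation is never consulted
            alerts.append((src, dst, dport, methods))
    return alerts

# Constructed sample flows (documentation address ranges, no real endpoints).
SAMPLE_FLOWS = [
    ("10.0.3.17", "203.0.113.50", 8080,
     b'{"id":1,"method":"mining.subscribe","params":["miner/1.0"]}\n'
     b'{"id":2,"method":"mining.authorize","params":["worker1","x"]}\n'),
    ("10.0.3.18", "198.51.100.7", 80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    ("10.0.3.19", "198.51.100.9", 9000, b'{"jsonrpc":"2.0","method":"login","params":["alice"]}\n'),
    ("10.0.3.20", "203.0.113.51", 3333,
     b'{"id":1,"method":"login","params":{"login":"WALLET","pass":"x","agent":"m/1"}}\n'),
]

if __name__ == "__main__":
    for alert in flag_flows(SAMPLE_FLOWS):
        print(alert)
```

A miner that wraps the same protocol in TLS will pass this check unseen, so it belongs alongside host-level signals rather than in place of them.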
Like good cybersecurity types, the researchers alerted Tesla to the breach and the security hole has since been plugged, though we bet a few Tesla IT bods felt a bit embarrassed.
While the hype around cryptocurrencies builds, we're likely to see more such cryptojacking hacks. But the real crux of the problem stems from Tesla not having enough due diligence over its cloud security, highlighting that one of the downsides of cloud computing is that some people may think it handles every little configuration for them.
While the likes of AWS and Microsoft Azure will do their best to take care of the IT heavy-lifting, administrators do need to be involved in the process, rather than sit back and dream of being Mr Robot.
"Security is a shared responsibility: Organisations of every stripe are fundamentally obliged to monitor their infrastructures for risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities. Without that, anything the providers do will never be enough," highlighted RedLock's CTO Gaurav Kumar, and quite rightly so. µ