Posted on February 22, 2018 at 5:39 AM
This latest incident proves that not even sophisticated tech companies such as Tesla are safe from being hacked by cryptocurrency-hungry cybercriminals.
The cybersecurity firm RedLock has confirmed that hackers accessed and compromised Tesla’s cloud service in order to use the tech firm’s ample computing resources to mine cryptocurrencies.
RedLock released a report earlier this week which included details on certain external threats to Tesla’s cloud security that were discovered by the RedLock Cloud Security Intelligence team. The threats, however, were addressed immediately after RedLock reported them to Tesla. The RedLock team discovered that the major electric car manufacturer was operating hundreds of open-source systems that were not password protected. This massive lack of security enabled hackers to infiltrate the company’s Amazon cloud system.
No Tesla customer or car affected
However, a Tesla spokesperson has confirmed that there is currently no reason to believe that this security flaw has put customer records at risk or compromised the company’s general security.
The spokesperson added that Tesla has a bug bounty programme to encourage cybersecurity experts to report system flaws that might escape the company’s notice. In this particular instance, Tesla successfully addressed the security concern within hours of being notified of the problem. According to the spokesperson, the security flaw has mainly affected the company’s internally manufactured test cars, and there is currently no reason to believe that customer privacy or vehicle safety is at risk.
Tesla hacked for cryptocurrency
RedLock security experts believe that Tesla was likely hacked for the purpose of using their powerful servers for covertly mining cryptocurrency.
According to the cybersecurity firm’s CTO, Gaurav Kumar, cryptocurrency’s increasing prices mean that cybercriminals are hacking into company servers to mine cryptocurrency profitably on a large scale. Kumar added that company servers are ideal targets since most companies do not use effective security measures. The CTO stated that RedLock has uncovered several similar incidents in the last few months.
According to Kumar, most attackers use the Stratum mining protocol to avoid being detected, hide their IP addresses, and keep the company’s CPU usage low to avoid arousing any suspicion.
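A defender-side illustration of the Stratum point above, added here and not taken from RedLock's report: Stratum is newline-delimited JSON-RPC, so its method names can be matched in captured cleartext payloads whatever address or port the pool sits behind. The flow records, addresses and `WALLET_PLACEHOLDER` are constructed, and the function names are hypothetical.

```python
import json

# Method names used by Stratum mining clients and pools (JSON-RPC, one object per line).
MINING_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit",
                  "mining.notify", "mining.set_difficulty"}
# Monero-style Stratum uses generic method names, so also require telltale params keys.
XMR_PARAM_KEYS = {"login": {"login", "pass"}, "submit": {"job_id", "nonce", "result"},
                  "job": {"blob", "job_id", "target"}}


def stratum_methods(payload: bytes) -> list:
    """Return Stratum method names found in a newline-delimited TCP payload."""
    hits = []
    for line in payload.splitlines():
        try:
            msg = json.loads(line)
        except ValueError:  # not JSON (binary, HTTP, partial line): ignore
            continue
        method = msg.get("method") if isinstance(msg, dict) else None
        if not isinstance(method, str):
            continue
        need, params = XMR_PARAM_KEYS.get(method), msg.get("params")
        if method in MINING_METHODS or (
                need and isinstance(params, dict) and need.issubset(params)):
            hits.append(method)
    return hits


def flag_flows(flows):
    """Return (src, dst, methods) for every flow whose payload carries Stratum."""
    return [(f["src"], f["dst"], m) for f in flows if (m := stratum_methods(f["payload"]))]


# Constructed sample flows (documentation address ranges, not real data).
SAMPLE_FLOWS = [
    {"src": "10.0.1.7", "dst": "203.0.113.10:443",
     "payload": b'{"id":1,"method":"mining.subscribe","params":["miner/1.0"]}\n'
                b'{"id":2,"method":"mining.authorize","params":["worker1","x"]}\n'},
    {"src": "10.0.1.8", "dst": "198.51.100.5:8080",
     "payload": b'{"id":1,"jsonrpc":"2.0","method":"login",'
                b'"params":{"login":"WALLET_PLACEHOLDER","pass":"x","agent":"example"}}\n'},
    {"src": "10.0.1.9", "dst": "192.0.2.20:443",  # ordinary login API: must not match
     "payload": b'{"method":"login","params":{"user":"alice","otp":"123456"}}\n'},
    {"src": "10.0.1.9", "dst": "192.0.2.21:80", "payload": b"GET / HTTP/1.1\r\n\r\n"},
]

if __name__ == "__main__":
    for src, dst, methods in flag_flows(SAMPLE_FLOWS):
        print(f"{src} -> {dst}: {methods}")
```

Payload matching only sees cleartext; Stratum wrapped in TLS has to be caught through other signals, such as long-lived outbound connections from hosts that have no reason to make them.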
Cloud security needs attention
The CTO stressed that these attacks are becoming more frequent partly because cloud servers are easy targets. They provide quicker and more profitable mining and are easy to break into as most companies do not spend the time and resources on properly securing their cloud servers. However, Kumar noted that it is important for any company to ensure that they monitor their cloud servers for any strange activity and ensure that they are using adequate security measures.
Interestingly, the CTO added that breaches of this kind were very seldom the fault of the cloud host, but that the affected company should shoulder the blame instead.
According to RedLock, at least 8% of all companies worldwide will likely experience a cryptojacking sometime in the future. However, since most companies do not monitor their cloud systems, some might not even pick up on it.
In addition, the cybersecurity company estimates that over 73% of companies allow activity on their cloud servers that goes directly against security best practices, while 16% of accounts have already been compromised. Worryingly, RedLock estimates that at least 55% of companies have exposed their cloud storage service publicly at least once, and another statistic states that at least 66% of cloud storage databases are not even encrypted.