Data Loss , Insider Threat , Risk Management
Former Employee Accused of Hacking Software as Tesla Warns of 'Sabotage'(euroinfosec) • June 21, 2018
Inside Tesla's factory in Fremont, CaliforniaTesla has filed a lawsuit against a former employee, alleging that he "unlawfully hacked the company's confidential and trade secret information and transferred that information to third parties."
See Also: Matching Application Security to Business Needs
Tesla, which builds electric vehicles, energy storage devices and solar panels, is based in Palo Alto, California.
Tesla's complaint against Martin Tripp.The company's lawsuit names Martin Tripp, a former process technician at the company's Gigafactory in Nevada, who was hired in October 2017. Tesla's Gigafactory is a massive factory under construction in Sparks - outside Reno, Nevada - designed to produce lithium-ion battery packs.
The lawsuit accuses Tripp of violating federal and state trade secrets laws as well as Nevada computer crime laws.
According to the lawsuit, Tripp has admitted to some of the allegations against him, including hacking the company's systems and exfiltrating data to unnamed third parties.
"Tesla has only begun to understand the full scope of Tripp's illegal activity, but he has thus far admitted to writing software that hacked Tesla's manufacturing operating system ('MOS') and to transferring several gigabytes of Tesla data to outside entities. This includes dozens of confidential photographs and a video of Tesla's manufacturing systems," according to the lawsuit.
But Tesla has also accused Tripp of modifying software so as to automatically exfiltrate data as well as laying false flags to make it look like other, innocent employees were responsible for the theft.
"Beyond the misconduct to which Tripp admitted, he also wrote computer code to periodically export Tesla's data off its network and into the hands of third parties," according to the complaint. "His hacking software was operating on three separate computer systems of other individuals at Tesla so that the data would be exported even after he left the company and so that those individuals would be falsely implicated as guilty parties."
The lawsuit says Tripp was privy to private information. "As part of his job, Tripp had access to highly sensitive information relating to, among other things, certain facets of the manufacturing process for the company's battery modules."
Based on the claims, the lawsuit urges the court to help Tesla protect its trade secrets, "including by ordering the inspection of Tripp's computers, personal USB and electronic storage devices, email accounts, 'cloud'-based storage accounts, and mobile phone call and message history to determine the extent to which Tesla trade secrets were wrongfully taken and/or disseminated to others."
Tesla: Warning Signs Led to Transfer
Although Tripp was hired as a process technician, he was transferred to a new, unspecified job role on May 17, following poor performance reviews. "Within a few months of Tripp joining Tesla, his managers identified Tripp as having problems with job performance and at times being disruptive and combative with his colleagues," the lawsuit states.
Tesla says that during interviews with Tesla investigators on June 14 and 15, Tripp admitted to hacking systems and exfiltrating data. "During the interview, Tripp also admitted that he attempted to recruit additional sources inside the Gigafactory to share confidential Tesla data outside the company."
Subsequently, Tripp appears to have been fired.
Tesla's Gigafactory in Sparks, Nevada (Source: Planet Labs)'Please Be Extremely Vigilant'
Elon Musk, the founder and CEO of Tesla, on Sunday told employees in an email, obtained by CNBC, that he learned over the weekend that there had been a saboteur inside Tesla.
"I was dismayed to learn this weekend about a Tesla employee who had conducted quite extensive and damaging sabotage to our operations. This included making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties," Musk wrote.
The employee allegedly said his actions were in reaction to his not having received a desired promotion.
"The full extent of his actions are not yet clear, but what he has admitted to so far is pretty bad. His stated motivation is that he wanted a promotion that he did not receive. In light of these actions, not promoting him was definitely the right move," Musk said.
The CEO also suggested that the case might also be much more complex. "However, there may be considerably more to this situation than meets the eye, so the investigation will continue in depth this week. We need to figure out if he was acting alone or with others at Tesla and if he was working with any outside organizations."
'There is More'
Musk called on employees to "please be extremely vigilant" and to email the company - anonymously or otherwise - if they saw signs of anything suspicious.
Asked Wednesday via Twitter if his email had been referring to the lawsuit against Tripp, Musk responded: "There is more, but the actions of a few bad apples will not stop Tesla from reaching its goals. With 40,000 people, the worst 1 in 1000 will have issues. That's still ~40 people."
Information Security Media Group could not independently confirm any of the claims made in the email or lawsuit.
'Small Fire' at Plant
On Monday, meanwhile, Musk sent another email to employees about a "small fire" on Sunday at the company's Fremont, California, in its "body production line," saying it wasn't clear if it was random.
Tesla said in a statement issued later that day: "Last night, there was smoldering in an air filter in the welding area of the body line. The smoldering was extinguished in a matter of seconds. There were no injuries or significant equipment damage, and production is back online."
In his email, obtained by CNBC, Musk again asked employees to "please be on the alert for anything that's not in the best interests of our company."
The Tesla CEO, drawing on former Intel CEO Andy Grove's famous maxim, told employees: "Only the paranoid survive."