With the boom in the digital economy, cyber crime has surged. Hackers have progressed beyond pulling off scams and stealing money from user wallets, and are now targeting the giant cloud computing rigs of large industries.
A report published on Tuesday by the ‘Cloud Security Intelligence’ team of security firm RedLock revealed that hackers were infiltrating the public cloud computing environment of Tesla, the world’s leading electric car manufacturer, in order to mine cryptocurrency.
Hackers accessed Tesla’s AWS cloud environment through a Kubernetes software container that was not password protected. This Kubernetes container was later used to mine cryptocurrency. However, it is not yet known how long the cryptojacking continued.
Moreover, the hackers were very cautious and refrained from using any already-known mining pools. To complicate detection, they set up their own mining software and connected the malicious script to an ‘unlisted’ endpoint. They even kept CPU usage to a minimum to avoid being spotted.
According to the published report, RedLock informed the car manufacturer, whose security teams have already addressed the vulnerability.
Replying to an email from VentureBeat, a spokesperson from Tesla wrote: “We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”
This is not an isolated incident. In October last year, the same team from RedLock exposed a similar incident at two companies – Aviva and Gemalto.
RedLock’s CTO and head of the CSI team, Gaurav Kumar, said in a statement: “The message from this research is loud and clear — the unmistakable potential of cloud environments is seriously compromised by sophisticated hackers identifying easy-to-exploit vulnerabilities.”
“In our analysis, cloud service providers such as Amazon, Microsoft and Google are trying to do their part, and none of the major breaches in 2017 was caused by their negligence. However, security is a shared responsibility: Organizations of every stripe are fundamentally obliged to monitor their infrastructures for risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities. Without that, anything the providers do will never be enough,” he added.