Honolulu Star-Advertiser

Saturday, December 14, 2024 77° Today's Paper


News

Russian man pleads guilty in Nevada to plot to extort Tesla

ASSOCIATED PRESS / 2018
                                A sign marks the entrance to the Tesla Gigafactory in Sparks, Nev. A Russian citizen has pleaded guilty to offering a Tesla employee $1 million to get malware into the electric car company’s plant in Nevada and enable a ransomware attack. Attorneys representing Egor Igorevich Kriuchkov did not immediately respond Friday, March 19, to messages about his Thursday plea in U.S. District Court in Reno.
1/2
Swipe or click to see more

ASSOCIATED PRESS / 2018

A sign marks the entrance to the Tesla Gigafactory in Sparks, Nev. A Russian citizen has pleaded guilty to offering a Tesla employee $1 million to get malware into the electric car company’s plant in Nevada and enable a ransomware attack. Attorneys representing Egor Igorevich Kriuchkov did not immediately respond Friday, March 19, to messages about his Thursday plea in U.S. District Court in Reno.

WASHOE COUNTY SHERIFF’S OFFICE VIA AP / 2020
                                County Sheriff’s Office shows Egor Igorevich Kriuchkov, who pleaded guilty in federal court on Thursday, March 18, to a conspiracy charge, admitting he offered a Tesla employee $1 million to cripple the electric car company’s plant in Nevada with ransomware in an extortion scheme.
2/2
Swipe or click to see more

WASHOE COUNTY SHERIFF’S OFFICE VIA AP / 2020

County Sheriff’s Office shows Egor Igorevich Kriuchkov, who pleaded guilty in federal court on Thursday, March 18, to a conspiracy charge, admitting he offered a Tesla employee $1 million to cripple the electric car company’s plant in Nevada with ransomware in an extortion scheme.

ASSOCIATED PRESS / 2018
                                A sign marks the entrance to the Tesla Gigafactory in Sparks, Nev. A Russian citizen has pleaded guilty to offering a Tesla employee $1 million to get malware into the electric car company’s plant in Nevada and enable a ransomware attack. Attorneys representing Egor Igorevich Kriuchkov did not immediately respond Friday, March 19, to messages about his Thursday plea in U.S. District Court in Reno.
WASHOE COUNTY SHERIFF’S OFFICE VIA AP / 2020
                                County Sheriff’s Office shows Egor Igorevich Kriuchkov, who pleaded guilty in federal court on Thursday, March 18, to a conspiracy charge, admitting he offered a Tesla employee $1 million to cripple the electric car company’s plant in Nevada with ransomware in an extortion scheme.

RENO, Nev. >> A Russian man has pleaded guilty in the U.S. to offering a Tesla employee $1 million to cripple the electric car company’s massive electric battery plant in Nevada with ransomware and steal company secrets for extortion, prosecutors and court records said.

In a case that cybersecurity experts called exceptional for the risks he took, Egor Igorevich Kriuchkov pleaded guilty Thursday in U.S. District Court in Reno. His court-appointed federal public defender, Chris Frey, declined Friday to comment.

Prosecutors alleged that Kriuchkov acted on behalf of co-conspirators abroad and attempted to use face-to-face bribery to recruit an insider to physically plant ransomware, which scrambles data on targeted networks and can only be unlocked with a software key provided by the attackers. Typically, ransomware gangs operating from safe havens hack into victim networks over the internet and download data before activating the ransomware.

“The fact that such a risk was taken could, perhaps, suggest that this was an intelligence operation aimed at obtaining information rather than an extortion operation aimed at obtaining money,” said Brett Callow, a cybersecurity analyst at anti-virus software company Emsisoft.

“It’s also possible that the criminals thought the gamble was worth it and decided to roll the dice,” Callow said.

Charles Carmakal, chief technical officer at cybersecurity firm FireEye, agreed. “You could have potentially done it from thousands of miles away without risking any asset,” he said.

The FBI said the unnamed prospective recruit informed Tesla and cooperated with the FBI, and the plot was stopped before any damage happened.

Kriuchkov, 27, told a judge in September that he knew the Russian government was aware of his case. But prosecutors and the FBI have not alleged ties to the Kremlin. Kriuchkov is in federal custody at the Washoe County jail in Reno.

His guilty plea to conspiracy to intentionally cause damage to a protected computer could have gotten him up to five years in prison and a $250,000 fine. But he’s expected to face no more than 10 months under terms of his written plea agreement.

He already has been in custody for seven months, since his arrest in August in Los Angeles. Federal authorities said he had been heading to an airport to fly out of the country.

“The swift response of the company and the FBI prevented a major exfiltration of the victim company’s data and stopped the extortion scheme at its inception,” Acting Assistant Attorney General Nicholas McQuaid said in a statement. “This case highlights the importance of companies coming forward to law enforcement, and the positive results when they do so.”

Tesla CEO Elon Musk has acknowledged his company was the target of what he termed a serious effort to collect company secrets. Tesla has a massive factory near Reno that makes batteries for electric vehicles and energy storage units. Company representatives did not immediately respond Friday to messages.

Court documents say Kriuchkov was in the United States for more than five weeks last July and August on a Russian passport and a tourist visa when he tried to recruit an employee of what was identified as “Company A” to install software enabling a computer hack.

The employee, who was no identified, was to receive payments in the digital cryptocurrency Bitcoin.

No other suspected co-conspirators were charged in the case. Some were identified in a criminal complaint by nicknames including Kisa and Pasha, and a person is identified as Sasha Skarobogatov.

Some meetings were monitored and recorded by the FBI, according to court documents. It was not clear from court records if money changed hands.

In court documents, Kriuchkov was quoted saying the inside job would be camouflaged with a distributed denial of service attack on plant computers from outside. Such attacks overwhelm servers with junk traffic. If Tesla didn’t pay, the purloined data would be dumped on the open internet.

The documents also said Kriuchkov claimed to the prospective recruit that he had executed similar “special projects” on other companies on multiple occasions, with one victim supposedly surrendering a $4 million ransom payment.

By participating in online discussions you acknowledge that you have agreed to the Terms of Service. An insightful discussion of ideas and viewpoints is encouraged, but comments must be civil and in good taste, with no personal attacks. If your comments are inappropriate, you may be banned from posting. Report comments if you believe they do not follow our guidelines. Having trouble with comments? Learn more here.