Tesla’s insider threat
The specter that is the insider threat is alive and well and can still pose cybersecurity challenges that may go overlooked. One angle of the insider threat that gets little attention is when an outsider attempts to exert influence over an insider at a company to exfiltrate insider information and trade secrets such as security practices, IT systems and business practices.
Recently, this very situation occurred regarding an employee of the next-generation auto company Tesla.
Just meeting with an old acquaintance
This tale of insider threat and industrial espionage not going bad begins with a non-U.S. citizen, a Russian-speaking Tesla employee working at the Tesla Gigafactory located in Nevada. Since the identity of this Tesla employee has not been revealed to the public, we will refer to him simply as “the employee.”
On July 16, 2020, the employee was contacted on WhatsApp by a former associate known as Egor Igorevich Kriuchkov. Kriuchkov invited the employee to a seemingly benevolent meeting in Sparks, Nevada, for drinks. Between August 1 and August 3, the employee, some Tesla co-workers and Kriuchkov met up for some fun which included a trip to Lake Tahoe, a popular recreation spot. This was