Tesla, the automobile manufacturer founded by Elon Musk, is the latest victim of hackers who hijacked the company’s Amazon cloud account to mine cryptocurrency.
Utilizing the immense power of the cloud to mine cryptocurrency isn’t a new concept, but hackers hijacking cloud resources for that purpose is a growing trend that cybersecurity experts are seeing at an accelerated pace.
Cryptojacking: A Growing Security Problem
Cryptojacking, as it is called, is a growing security concern for enterprises, governments, and even individuals. Last year, numerous news sources reported on the prevalence of malicious cryptojacking code being utilized by thousands of websites. This code exploits weaknesses in the user’s browser to utilize the system’s spare CPU cycles to mine cryptocurrency.
Often, it isn’t even the owners of the website that are placing the malicious code there.
This is all done without the user’s knowledge or intended participation. This doesn’t just affect PC users, but smartphone users, too. A recent report from Malwarebytes found that millions of Android users have been potentially exposed to cryptojacking code.
Whatever cryptocurrency those clock cycles mine is credited to the anonymous account of the code’s author. While a single device doesn’t generate a lot of income, millions certainly could.
Cryptojacking the Cloud
The cloud offers a unique target for cryptojackers. It’s scalable, well connected, and accessible from anywhere in the world.
According to a recent report from RedLock, a security startup, a group of hackers used Tesla’s Amazon cloud account to mine cryptocurrency. Not only that, but the unidentified intruders also had access to private data stored on that account.
The report states that Kubernetes administration consoles were accessible because they were not password protected. Once hackers gained access to an open console, credentials to other cloud-based applications were uncovered. Tesla’s AWS environment, including information stored in Tesla’s Amazon Simple Storage Service (S3) buckets, was then made available to the hackers.
In a note to Engadget, Tesla gave the following statement:
“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”
The cloud presents its own set of unique security concerns for IT professionals. Public cloud adoption has been hindered by such security concerns in the past. Often, the vulnerabilities come by way of a single unsecured component. For example, it was recently discovered that an unsecured FedEx cloud storage bucket potentially exposed nearly 120,000 private documents.
In the case of this latest breach, it appears the only victim of the event was Tesla and its compute resources.