Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security

6/22/2018
09:35 AM
Scott Ferguson
Scott Ferguson
News Analysis-Security Now
50%
50%

Tesla Lawsuit Claims Insider Breached Company Security

Tesla has filed a lawsuit against a former employee, claiming he violated company policies, damaged equipment and stole data. The truth is more complicated but the incident shows the threats insiders can pose.

These are trying times for Tesla.

At one point, the ultracool electric car company could do wrong, with founder and CEO Elon Musk heralded as one of the most innovative minds in technology. If Tesla could remake the car industry for the next century, then anything is possible.

However, over the last few months the company has come under more scrutiny due a pair of fatal crashes involving Tesla vehicles, pressure to produce more cars, complaints from Wall Street and investors as well as Musk's somewhat erratic behavior on social media.

Then came the memo early this week, written by Musk, claiming the company was investigating a case of internal sabotage carried out by a rogue employee.

(Source: iStock)
(Source: iStock)

On June 19, the company filed a lawsuit in US District Court in Nevada against the employee, Martin Tripp, who Tesla's attorney's charged "unlawfully hacked the company's confidential and trade secret information and transferred that information to third parties."

Specifically, the lawsuit claims:

…he also wrote computer code to periodically export Tesla's data off its network and into the hands of third parties. His hacking software was operating on three separate computer systems of other individuals at Tesla so that the data would be exported even after he left the company and so that those individuals would be falsely implicated as guilty parties.

These types of lawsuits and accusations -- it's not clear if there is a criminal case being pursued -- are never clear-cut and Tripp himself told CNN that after working at Tesla Gigafactory in Nevada, he came to believe the company was producing faulty batteries for its vehicles and he blew the whistle.

However, what the case does show is another example of what many enterprises face: insider threats that put data, whether it's company or personal information, at risk.

These types of threats are also not confined to well-known brands such as Tesla. Atlanta-based SunTrust Banks is investigating its own case of an insider stealing data to sell to a third party. (See SunTrust Investigation Shows Continuing Threats Posed by Insiders.)


Boost your understanding of new cyber security approaches at Light Reading's Automating Seamless Security in Carrier & Enterprise Networks event on October 17 in Chicago! Service providers and enterprises receive FREE passes. All others can save 20% off passes using the code LR20 today!

Not to be outdone, the CIA is also reportedly probing its own insider problem as well. (See FBI Suspects Former CIA Worker of Vault 7 Leak Report.)

By some estimates, insider threats can cost an enterprise more than $8 million to recover from, whether it's an employee with malicious intentions to steal and sell data, or a careless worker who causes a breach. (See Insider Threats Cost Enterprises More Than $8M Every Year Report.)

In an email, Joseph Carson, the chief security scientist at security vendor Thycotic, noted that incidents such as Tesla, SunBank and others show my enterprises of all sizes need to not only restrict access to data, but also manage who has access to data and change those privileges as needed.

"Organizations continue to fail at the most important aspect on restricting privileged access which is proactively discovering privileged accounts in the environment," Carson wrote to Security Now. "It appears that Telsa has failed to do that most important step in the least privilege: discovering and detecting unapproved privileged access. This will likely be a major lesson for Telsa."

Related posts:

— Scott Ferguson is the managing editor of Light Reading and the editor of Security Now. Follow him on Twitter @sferguson_LR.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Data Breaches Affect the Enterprise
Data breaches continue to cause negative outcomes for companies worldwide. However, many organizations report that major impacts have declined significantly compared with a year ago, suggesting that many have gotten better at containing breach fallout. Download Dark Reading's Report "How Data Breaches Affect the Enterprise" to delve more into this timely topic.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-20859
PUBLISHED: 2021-12-01
ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-19...
CVE-2021-20860
PUBLISHED: 2021-12-01
Cross-site request forgery (CSRF) vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and ...
CVE-2021-20861
PUBLISHED: 2021-12-01
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC...
CVE-2021-20862
PUBLISHED: 2021-12-01
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-175...
CVE-2021-20863
PUBLISHED: 2021-12-01
OS command injection vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GS...