News broke today that Tesla CEO Elon Musk sent an email to all employees on Monday morning about a factory fire, and seemed to reference possible sabotage. It is reported that Musk also sent an email to all employees at Tesla late on Sunday night alleging that he has discovered a saboteur in the company’s ranks.
Elon Musk emailed his employees outlining an individual had carried out, “quite extensive and damaging sabotage” to the organisational operation, the user activity included making alterations to code and exporting sensitive information.
We all know, there is never a good time to suffer a security incident, however during a period where Tesla is under fierce pressure to produce 5,000 Model 3s per week by the end of this quarter, the timing could be catastrophic!
ACT FAST! IDENTIFY AN INSIDER THREAT BEFORE A DATA LEAK
Tampering with Tesla code could have truly lethal consequences for its customers on the road, so this the severity of this sabotage cannot be understated. This, combined with the exporting of highly sensitive data to unknown third-parties, is a shocking example of the damage that can be caused by insider threats — in this case, clearly malicious rather than accidental. As Musk says himself, the full extent of the saboteur’s actions are not yet clear, but we do know that the prime motivation behind this crime was vengeance after being denied a promotion.
The ramifications of this insider attack could lead to Tesla Intellectual Property (IP) getting in the hands of automotive competitors or the types of industries mentioned by Musk that might not want, for example, low-carbon ventures to succeed. Protecting IP is paramount for a company like Tesla, whose product is inextricably linked with human lives. Now, following on from this IP theft, Musk is scrambling to find out whether this disgruntled employee was acting alone or with others at Tesla — and, crucially, if he was working with any external organisations.
No doubt Musk is under fire from the media, with internal reports of ambitious production schedules, but — from a cyber security perspective — both the technology and culture within his company need to be addressed. Machine learning capabilities can flag suspicious behaviour within a company after building a picture of ‘normal’ behaviour. This, combined with a robust company-wide education programme that encourages an open culture of security, is vital for keeping sensitive data within a company. Undoubtedly, the blame culture of IT security needs to change, so that insider threats can be spotted and managed before they cause extensive damage.
THE NUMBERS: INCREASING INTERNAL THREATS TO DATA
But Tesla are not alone! The insider threat is now one of the major concerns in cybersecurity, with good reason. Merely a few months ago, it was revealed that organisations are feeling the pressure from insider threats. To this end, they are ramping up detection, prevention, and remediation. According to Haystax Technology, in 2017, 90% of organisations reported feeling vulnerable to insider attacks — up from 64% in 2015. What’s more, this looks set to rise to 99% in 2018, thanks partly to the heightened risk from regular employees, who are predicted to overtake the privileged users this year in terms users who pose the highest internal risk for organisations.
At EveryCloud, we partner with ZoneFox as we work with clients across the globe to mitigate the risk of the insider threat. Our platform would have identified the unauthorised access of Tesla’s code as well as any significant movement of data across the business and anomalous user behaviours.
Our use cases and client requirements differ wildly from ransomware and policy violation, to anomalous behaviour and compliance breaches, risk around your data has never looked so diverse. Why not download our Insider Threat Profiles to see if you recognise any threats within your organisation, you can also download our Insider Threat Toolkit for guides on implementing security policies, delivering training and managing internal threats to data.
To book your demo to see how we may protect – http://info.zonefox.com/demo-request-everycloud