fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Russian Pleads Guilty To Tesla Hacking And Extortion Attempt

Russian Pleads Guilty To Tesla Hacking And Extortion Attempt

Russian national Egor Igorevich Kriuchkov has pleaded guilty to recruiting a Tesla employee to plant malware designed to steal data within the network of Tesla’s Nevada Gigafactory.

His end goal was to extort the company using the sensitive information stolen from Tesla’s servers as leverage to convince the company to pay a ransom to avoid having the data leaked.

To convince the company’s employee to act as an insider for his criminal gang, Kriuchkov told him that he would be paid $1,000,000 worth of bitcoins after the malware got deployed on the company’s network, according to court documents.

Plans foiled after a series of other ransom attacks

Kriuchkov also told the Tesla employee that he was earlier involved in other similar “projects” where one of the victim companies paid $4 million after negotiating down from an initial $6 million ransom.

Kriuchkov explained that “the ‘group’ has performed these ‘special projects’ successfully on multiple occasions, and identified some of the targeted companies,” according to the indictment.

The Tesla employee was also told that during their “special project” targeting Tesla’s network, the criminals would launch a Distributed Denial of Service (DDoS) attack to divert attention from the insider’s attempt to deploy malware.

The employee would have also had to provide info on Tesla’s network to help with the malware’s development process.

However, the 27-year-old defendant’s plans were thwarted by the FBI after the Tesla employee revealed Kriuchkov’s attempts to recruit him via WhatsApp and in multiple face-to-face meetings where they discussed details of the conspiracy.

Tesla’s CEO, Elon Musk, later confirmed in a Twitter reply that Kriuchkov was indeed trying to recruit a Tesla employee to help with his extortion scheme.

Also Read: What Do 4 Messaging Apps Get From You? Read The iOS Privacy App Labels

The defendant was arrested in August 2020 after he received a phone call from an FBI agent and hurried to leave the US to avoid getting caught.

He was indicted one month later and was charged with a count of conspiracy to intentionally cause damage to a protected computer, facing a statutory maximum sentence of five years in prison and a $250,000 fine.

“The swift response of the company and the FBI prevented a major exfiltration of the victim company’s data and stopped the extortion scheme at its inception,” Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division said.

“This case highlights the importance of companies coming forward to law enforcement, and the positive results when they do so.”

Also Read: Key PDPA Amendments 2019/2020 You Should Know

According to the guilty plea, Kriuchkov agreed to a sentence within four to ten months of imprisonment and three years of supervised release.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us