Hackers infiltrated Tesla (Electric vehicle company) which is in Amazon cloud environment
By MYBRANDBOOK
Hackers infiltrated Tesla (Electric vehicle company) which is in Amazon cloud environment and stole computer resources to mine for cryptocurrency, according to the security firm RedLock. There is new trend in security is going on like cryptojacking incidents. With this a question mark is on whether the public cloud is safe to deploy? Breaches at cloud service providers were almost never the fault of the host-Amazon, Microsoft, Google. As the public cloud security is a shared responsibility. Organizations of every stripe are fundamentally obliged to monitor their infrastructures for risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities.
Public cloud environments are ideal targets due to the lack of effective cloud threat defense programs. According to RedLock’s Cloud Security Report-alert Tesla as soon as about the intrusion and the vulnerability was addressed, where unstructured data was there. The electric vehicle company was reportedly running one of hundreds of open-source systems and the found accessible online without password protection. The exposure allowed hackers to access Tesla’s Amazon cloud environment, RedLock said.
Tesla spokesperson said there is “no indication” the breach impacted customer privacy or compromised the security of its vehicles. “We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. “The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.
According to RedLock, mining cryptocurrency is likely a more valuable use of Tesla’s servers than the data it stores. The crooks employed cryptocurrency mining software called Stratum, but the researchers said they were uncertain of the type and amount of virtual loot mined. They were also unsure how long the intruders had access. The recent rise of cryptocurrencies is making it far more lucrative for cybercriminals to steal organizations’ compute power rather than their data.
The hackers hid their tracks using Stratum mining protocpl and find the clever tricks of hiding true IP address of mining pool server by keeping CPU usage low demanded by the cryptomining software and to mask their Internet addresses behind services offered by CloudFlare.
Organizations need to proactively monitor their public cloud environments for risky resource configurations, signs of account compromise, and suspicious network traffic just as they do for their on premise environments. It is advised not to share the root user account to be used to perform activities-behavior that goes against security best practices and in some cases user accounts that have potentially been compromised, reason being databases are not properly encrypted.
Nazara and ONDC set to transform in-game monetization with ‘
Nazara Technologies has teamed up with the Open Network for Digital Comme...
Jio Platforms and NICSI to offer cloud services to government
In a collaborative initiative, the National Informatics Centre Services In...
BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium
A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...
Pinterest tracks users without consent, alleges complaint
A recent complaint alleges that Pinterest, the popular image-sharing platf...
SAFE SECURITY SERVICES PVT. LTD.
NUMERIC INDIA, A Group Brand Legrand
FRESHWORKS TECHNOLOGIES PVT. LTD.
STERLITE TECHNOLOGIES LTD.
Icons Of India : Daisy Chittilapilly
Daisy Chittilapilly is the President of Cisco’s India and SAARC regi...
Icons Of India : ASHISH KUMAR CHAUHAN
Ashish kumar Chauhan, an Indian business executive and administrator, ...
Icons Of India : Arjun Malhotra
Arjun Malhotra, the Chairman of Magic Software Inc., is widely recogni...
ITI - ITI Limited
ITI Limited is a leading provider of telecommunications equipment, sol...
IFFCO - Indian Farmers Fertiliser Cooperative
IFFCO operates as a cooperative society owned and controlled by its fa...
CERT-IN - Indian Computer Emergency Response Team
CERT-In is a national nodal agency for responding to computer security...
Indian Tech Talent Excelling The Tech World - ANJALI SUD, CEO – Tubi
Anjali Sud, the former CEO of Vimeo, now leads Tubi, Fox Corporation...
Indian Tech Talent Excelling The Tech World - ARVIND KRISHNA, CEO – IBM
Arvind Krishna, an Indian-American business executive, serves as the C...
Indian Tech Talent Excelling The Tech World - AJAY BANGA, President - World Bank
Ajay Banga is an Indian-born American business executive who currently...