Hackers infiltrated Tesla (Electric vehicle company) which is in Amazon cloud environment
By MYBRANDBOOK
Hackers infiltrated Tesla (Electric vehicle company) which is in Amazon cloud environment and stole computer resources to mine for cryptocurrency, according to the security firm RedLock. There is new trend in security is going on like cryptojacking incidents. With this a question mark is on whether the public cloud is safe to deploy? Breaches at cloud service providers were almost never the fault of the host-Amazon, Microsoft, Google. As the public cloud security is a shared responsibility. Organizations of every stripe are fundamentally obliged to monitor their infrastructures for risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities.
Public cloud environments are ideal targets due to the lack of effective cloud threat defense programs. According to RedLock’s Cloud Security Report-alert Tesla as soon as about the intrusion and the vulnerability was addressed, where unstructured data was there. The electric vehicle company was reportedly running one of hundreds of open-source systems and the found accessible online without password protection. The exposure allowed hackers to access Tesla’s Amazon cloud environment, RedLock said.
Tesla spokesperson said there is “no indication” the breach impacted customer privacy or compromised the security of its vehicles. “We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. “The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.
According to RedLock, mining cryptocurrency is likely a more valuable use of Tesla’s servers than the data it stores. The crooks employed cryptocurrency mining software called Stratum, but the researchers said they were uncertain of the type and amount of virtual loot mined. They were also unsure how long the intruders had access. The recent rise of cryptocurrencies is making it far more lucrative for cybercriminals to steal organizations’ compute power rather than their data.
The hackers hid their tracks using Stratum mining protocpl and find the clever tricks of hiding true IP address of mining pool server by keeping CPU usage low demanded by the cryptomining software and to mask their Internet addresses behind services offered by CloudFlare.
Organizations need to proactively monitor their public cloud environments for risky resource configurations, signs of account compromise, and suspicious network traffic just as they do for their on premise environments. It is advised not to share the root user account to be used to perform activities-behavior that goes against security best practices and in some cases user accounts that have potentially been compromised, reason being databases are not properly encrypted.
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
ATRIE TECHNOLOGY PVT. LTD.
RELIANCE JIO INFOCOMM LTD.
AMARA RAJA POWER SYSTEMS LTD.
INFOSYS TECHNOLOGIES PVT. LTD.
Technology Icons Of India 2023: Sandip Patel
Sandip Patel is the Managing Director, IBM India/South Asia. He is res...
Technology Icons Of India 2023: B.V.R. Subrahmanyam
B.V.R. Subrahmanyam belongs to Andhra Pradesh. He is a 1987-batch IAS ...
Technology Icons Of India 2023: Harsh Jain
Harsh Jain is an Indian Entrepreneur, the co-founder and CEO of the In...
GSTN aims to integrate indirect tax ecosystem on a shared IT infrastructure
Goods and Services Tax Network (GSTN) has built Indirect Taxation plat...
BSE provides highly secure, efficient and transparent market for trading
BSE (formerly known as Bombay Stock Exchange Ltd.) is Asia's first & t...
BBNL empowering rural India digitally
BBNL provide high speed digital connectivity to Rural India at afforda...
INGRAM MICRO INDIA PVT. LTD.
Ingram Micro India, a large national distributor offers a comprehensiv...
IRIS GLOBAL SERVICES PVT. LTD.
Iris Global services is one of the leading distribution houses that d...
NETPOLEON SOLUTIONS
Netpoleon Group is a Value-Added Distributor (VAD) of Network Security...