This week, news surfaced that Tesla’s Fremont factory in California was the target of a malicious sabotage plot and this time, by an employee. Tesla’s Vice President of Legal and Acting General Counsel, Al Prescott, notified staff in an email sent on Monday about the disruption caused to operations:
“Two weeks ago, our IT and InfoSec teams determined that an employee had maliciously sabotaged a part of the Factory. Their quick actions prevented further damage and production was running smoothly again a few hours later.”
The Tesla facility employs over than 10,000 staff where the EV manufacturer produces the Models S, X, 3, and Y. Specific details were not released of whether the incident involved external law enforcement or was handled internally. The employee in question has not been named but he/she allegedly tried to cover their tracks by blaming a colleague and destroying a company computer.
Part of Al Prescott’s email also stated:
“Ultimately, after being shown the irrefutable evidence, the employee confessed. As a result, we terminated employment. We place tremendous trust in our employees and value everyone’s contribution. However, whatever the personal motivations of the attacker were, these are crimes, violations of our code of conduct, and are unfair to other employees. We will take aggressive action to defend the company and our people.”
This is not the first time Tesla has been subjected to sabotage, which is exactly why the EV maker employs an astute internal security team.
In the past, Tesla has to deal with dirty deeds both externally and internally. In 2016, Tesla sued a former oil services executive for impersonating Musk in an email to former CFO Jason Wheeler. In the lawsuit, the EV carmaker said the email was part of an oil industry effort to undermine Tesla’s push for energy-efficient transportation.
And in June 2018, Tesla CEO Elon Musk emailed his entire company informing them that an employee had been caught conducting damaging sabotage to operations. It was found that the employee made direct code changes to Tesla’s manufacturing system and sent large amounts of highly sensitive data to third parties. Musk later said the employee was disgruntled after not receiving a promotion. Well, that was definitely one way to make sure you never get a promotion at Tesla.
Last month, Tesla CEO, Elon Musk confirmed that the Nevada factory was the target of a cyberattack by a Russian national, which was thwarted by an employee.
In 2014, Tesla launched its Bug Bounty Program where you actually award people for finding vulnerabilities in a company’s system, and in Tesla’s case – their cars.And the program is still ongoing.
David Lau, Tesla’s Vice President of Software Engineering explained:
“Since launching our bug bounty program in 2014 – the first to include a connected consumer vehicle – we have continuously increased our investments into partnerships with security researchers to ensure that all Tesla owners constantly benefit from the brightest minds in the community. In the Tesla Model 3 category, there are a number of target systems, including WiFi and Bluetooth systems, infotainment, autopilot, key fob and phone-as-a-key systems, modem or tuner, and others. The largest prices will be awarded to those who find vulnerabilities in the vehicle’s ‘Gateway, Autopilot, or VCSEC systems.”
That’s an innovative approach to invite top I.T. people to pull out all the works in hacking Tesla’s system. So, if you are successful in finding vulnerabilities in Tesla's system, instead of going to jail, you can walk away with a wad of cash and a feather in your cap!