author photo
By Bruce Sussman
Wed | Jun 20, 2018 | 8:13 AM PDT

Did an insider threat go undetected long enough at Tesla Motors to cause serious damage?

It sure sounds like it.

CNBC published a memo from CEO Elon Musk to the entire company that starts like this:

"I was dismayed to learn this weekend about a Tesla employee who had conducted quite extensive and damaging sabotage to our operations. This included making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties.

The full extent of his actions are not yet clear, but what he has admitted to so far is pretty bad. His stated motivation is that he wanted a promotion that he did not receive. In light of these actions, not promoting him was definitely the right move."

Insider threat monitoring

A disgruntled employee gone rogue, altering code, and potentially sharing proprietary information with the world. Is your company watching out for the warning signs, or will you ignore them?

The Ponemon Institute recently told SecureWorld how insider threats are often viewed as being a mistake instead of sabotage, which makes them even more damaging.

And Joseph Carson, Chief Security Scientist at Thycotic, says Tesla clearly did not have the right security posture around access.

"It appears that Tesla has failed to do that most important step in least privilege: discovering and detecting unapproved privileged access.

This will likely be a major lesson for Tesla and hopefully this is not related to the recent accidents with their vehicles which I am sure the regulators will be looking into if they are related.

This yet again demonstrates why privileged access was moved to the  number one project for organizations in 2018 according to Gartner so such incidents are less likely to happen in the future."

Where did Tesla data go?

Musk's memo indicates the company does not yet know where the employee transferred the data. However, Musk went on in his memo to detail those who would like to kill the company and could be helped by insider information:

  • Oil companies
  • Big gas/diesel car companies
  • Short-sellers on Wall Street who've "lost billions" on Tesla

And don't forget about the Chinese; their R&D is largely built on theft of intellectual property.

Could Tesla change the world?

The stakes are particularly high because Tesla may be the future of cars.

A friend of mine replaced his BMW with a Tesla. He tells me, "This is the best car I've owned in my life."

After going for a ride in it, I was left with the feeling I had after seeing the first iPhone. Do you remember how magical that seemed? And we all know how that turned out.

The car is unbelievably fast, smooth as silk on the road, and even more technologically advanced than I was expecting—with a massive video panel, web browser, and an app in which you can do almost anything.




Plus, the entire ceiling is one massive skylight. But you'd never know that until you sit inside.

What we don't know, as this point, is what the ramifications of the insider threat come to life will mean for Tesla.

However, it's a great reminder to review your organization's security posture around access to prevent a rogue employee from damaging the business.