
Tesla employee sabotage illustrates critical importance of user permissions

Tesla CEO Elon Musk claims the firm suffered 'extensive and damaging sabotage,' including code tweaks and leaked secrets.

Late Sunday night, Tesla CEO Elon Musk warned employees that the company had experienced "quite extensive and damaging sabotage," as noted in an email obtained by CNBC.

In the email, which bears the subject "Some concerning news," Musk wrote that the rogue employee had made code changes to Tesla's OS under a false username and had sent stolen sensitive data to "unknown third parties." Musk went on to note that the full extent of the sabotage was unknown.

So, why did the actor pursue the sabotage? According to Musk's email, it's because he didn't receive a promotion that he felt he deserved. However, if it's any consolation, Tesla probably made the correct decision not to promote him, based on the malicious nature of his actions, Musk wrote.

What happened at Tesla is a worst-case scenario for many CEOs and CISOs alike. Not only have company secrets been leaked, but the core OS code could have been compromised in unknown ways. This, of course, raises the question of why this particular individual had these permissions to begin with.

If a given individual is able to exfiltrate critical data and make code changes to a core OS, he must be fairly high-ranking within the company. However, if he wasn't, but was still able to accomplish what he did, then the company may need to re-examine its permissions structure and take steps to follow the principle of least privilege more closely.

There's also the question of what Musk meant by claiming that the code changes were made under "false usernames." Perhaps this employee was an admin, and was able to create a new profile with better permissions than his day-to-day profile. Or, maybe Musk is simply referring to a set of stolen credentials. Either way, the situation should prompt a security audit and additional employee security training at a minimum.

While Musk wrote that the missed promotion was the saboteur's stated motive, he also noted that there was "more to this situation than meets the eye." He then pointed to Tesla's many enemies in the energy sector, finance, automotive, and more, hinting at a possible conspiracy to bring the electric car giant down.

Tesla was also recently in the news for a massive reorganization that led to layoffs of 9% of its workforce, which some have mentioned as a possible secondary motive.

Musk closed the email by encouraging employees to remain vigilant and report anything suspicious to a specified email address. He also mentioned excitement at ramping up Model 3 production.

The big takeaways for tech leaders:
  • Tesla was the victim of sabotage by an employee that led to OS code changes and leaked company secrets, CEO Elon Musk said in a company email.
  • All companies should perform regular security audits and follow the principle of least privilege to help protect against insider threats.

About Conner Forrest

Conner Forrest is a Senior Editor for TechRepublic. He covers enterprise technology and is interested in the convergence of tech and culture.
