
Tesla employee foregoes $1M payment, works with FBI to thwart attack - Reedx
https://www.teslarati.com/tesla-employee-fbi-thwarts-russian-cybersecurity-attack/
======
Cactus2018
Not so much a "$1M payment" as the appearance of a future payment in exchange
for installing malware:

>that could allow the hackers to occupy the Tesla information security team.
... extract corporate and network data, which would be held ransom.... For his
participation in the ploy, the Gigafactory Nevada employee would receive
$500,000, later raised to $1 million, to be paid in cash or bitcoin.

...

>The hacker agreed to pay an advance of $11,000 to the Giga Nevada worker. Two
days later, on August 21, the Tesla employee was contacted by the hacker once
more, who stated that the project was being “delayed” and all payments
relating to the plan would not be transferred until a later date.

~~~
ncmncm
Agree. There was no reason to think the $1M would have been paid, and every
reason to expect not. The $11k figure was a tell. Doubling from $1/2M to $1M
was another.

It is always easy to increase an offer that you don't plan to make good on.

Reminds me of the Pascal's wager variant: "Lend me a $1000, I will give you
$1M in a month. Don't trust me? Make it $100M. However small you think the
probability that I will make good, just take the reciprocal and multiply that
in, and that's what I promise."

~~~
robertk
The probability that he will make good is a function of the payback amount
(interest) so this may have have no solution. Each multiplication changes the
underlying probability itself and requires a recalculation so this does not
work.

~~~
ncmncm
It does not work, regardless. The probability that he will make good starts
out at exactly zero and stays there, whatever your estimate.

It is a demonstration that Pascal's wager is nonsense.

~~~
perl4ever
The probability isn't zero though. It's very small, but it's not infinitely
unlikely. I mean, what if he accidentally made 10 times the amount by luck and
then had a stroke that changed his personality so he decided to pay out?

~~~
ncmncm
No matter how much he offers to pay back, and no matter how its reciprocal
compares to the actual probability of paying it, it would still be foolish to
lend the money. And that is the point.

------
jseliger
Another source: [https://arstechnica.com/information-
technology/2020/08/russi...](https://arstechnica.com/information-
technology/2020/08/russian-tourist-offered-employee-1-million-to-cripple-
tesla-with-malware/)

Russia is a petro-state: it depends utterly on oil revenue to function. I
don't know how long it thinks it can delay the arrival of electric cars with
schemes like this, but evidently it doesn't mind trying, and it also thinks
that the current U.S. national leadership is too inept or too in its pocket to
mount a real response.

~~~
smabie
It seems clear like this is state sponsored, but why would the government go
to such lengths? It's too risky, especially for the agent traveling to the US.

It doesn't make sense to me, unless Russia really doesn't give a shit about
its government employees nor its public image

------
boznz
You can refuse a payment. but if the offer was to brake your arm or hurt a
family member it would not be so easy to refuse.. scary

------
Corrado
I guess the scare thing for me is that this is probably not the first, nor the
only time this has happened. And not even to just Tesla. I'm constantly
impressed by security teams that deal with this level of activity and
attention.

How many other companies have been breached in such a manner? We assume FANNG
are immune but are they really?

------
justinclift

      ... the hacker reportedly boasted that his team had recently received a ransom worth over $4 million from [...] CWT Travel
    

Wonder how the internal investigation at CWT Travel is going, to find the
insider there? Sounds like they're going to be having a Very Bad Day in the
near future. ;)

------
smabie
When I was a kid I wondered how cool it would be if we lived in some dystopia
cyberpunk world controlled by all powerful zaibatsu and hacker console
cowboys.

Well I guess I have my answer: not that cool.

------
person_of_color
Poetic justice for CWT!

------
vaxman
Is this the reason Apple stopped an update to a Watch app for Teslas until the
Dev proves that Tesla has permitted it? Is Apple getting ready to release a
vehicle that competes with Tesla?

~~~
vaxman
The timing of the indie developer's Tesla watch app (that has seen many
iterations until yesterday) suddenly being kicked out of App Store on such not
recently (if ever) enforced grounds seems to be too coincidental..don't care
how many Apple employees downvote!

