Elon Musk: Employee Sabotage Damaged Tesla Production System

The sabotage of Tesla’s operations that CEO Elon Musk reportedly alleged in a recent all-company email highlights how critical cybersecurity is to both manufacturing and the safety of cars.

Musk wrote that an employee had carried out “extensive and damaging sabotage” to Tesla’s operations, CNBC reported on Monday, June 18, citing an email message that the outspoken entrepreneur allegedly sent late Sunday night. CNBC said several employees had confirmed they had received the email. Tesla did not respond to a request for comment.

The employee admitted carrying out sabotage and said he did it because he was denied a promotion, the email noted.

“This included making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties,” Musk wrote. The full extent of the worker’s actions weren’t clear yet and Tesla was still investigating, he wrote.

The alleged breach was the latest setback for Tesla as it races to reach a production rate of 5,000 units per week on the Model 3, the smaller, more affordable sedan that’s key to the company’s goal of becoming a mainstream, high-volume automaker. Also on Sunday night, Tesla halted part of its production line because of a small fire, CNBC reported. Last week, the company announced a reorganization that will eliminate about 9% of its workforce of 46,000.

While Musk said most cases of theft or sabotage involve someone trying to get back at their company or a co-worker, much of the brief email on Sunday focused on outside threats.

“We need to figure out if he was acting alone or with others at Tesla and if he was working with any outside organizations,” Musk wrote. “As you know, there are a long list of organizations that want Tesla to die.”

He cited oil and gas companies, makers of non-electric cars and short sellers of Tesla’s stock, who have bet that the company’s shares will go down.

“Please be extremely vigilant, particularly over the next few weeks as we ramp up the production rate to 5k/week. This is when outside forces have the strongest motivation to stop us,” Musk wrote.

Beyond Tesla’s own issues, the alleged attack also put industrial and automotive cybersecurity in the spotlight.

Because they are trusted and often have streamlined access to internal systems, employees can threaten corporate infrastructure unless the company takes extra security measures, said Chris Morales, head of security analytics at threat management company Vectra, in a statement sent to The Connected Car.

“Trusted users always pose the highest risk as they have the means and only lack the motivation. In this instance, the motivation sounds personal, and that is quite often the case in corporate sabotage,” Morales wrote.

Standard controls on access to systems aren’t always enough to protect companies from inside attacks.

“The challenge is in understanding the difference in approved and unapproved behaviors as they occur and to prioritize the riskiest behaviors so that an immediate response can be formulated, before the damage is done,” Morales wrote.

While automakers may have extra security mechanisms in place to protect code inside the vehicles they sell, the increasing importance of software in connected cars opens up more potential danger from insider attacks.

“If a person is highly placed enough inside any company and has the skills to introduce new code, then they have the ability to do harm,” Gartner Automotive Analyst Mike Ramsey told The Connected Car. “The connected nature of vehicles, and machinery more generally, make them more vulnerable to attack and puts a large premium on security.” Carmakers need strong governance over internal processes and procedures to ensure that, at the least, it’s possible to identify an inside attacker and understand what they did, Ramsey said.

Stephen Lawson is a freelance writer based in San Francisco. Follow him on Twitter @sdlawsonmedia.

Leave a comment

Your email address will not be published. Required fields are marked *