Sabotage. A word that brings to mind World War II films where a band of resistance fighters blows up bridges to stop enemy troop movements and save Allied troops. It only happens in movies, right?
Sabotage takes many different forms and happens regularly in business environs. It often goes on without public acknowledgment by organizations. While the first thought that comes to mind is someone putting a wrench in the machine to stop the production line, in today's heavily technology-dependent world, digital sabotage is becoming more common. With digital espionage added on top of that, it can be very damaging to a company.
Recently, Tesla CEO Elon Musk experienced a worst-case scenario for many CEOs and CISOs today: digital sabotage. Musk shared with employees that the automaker had experienced “quite extensive and damaging sabotage,” as written in an email obtained by the American financial news network, CNBC.
It appears that a rogue employee made code changes to the operating system Tesla uses in its vehicles. While the code is Linux-based, which makes it difficult to hack, it can be modified by those with access. It was also revealed that the employee might have committed espionage by stealing sensitive data and sending it to an unknown third party.
Not only has intellectual property that gives Tesla a competitive advantage in the alternative vehicle and energy sectors been stolen, but the OS running the car's code could have been compromised in ways that are currently unknown to the engineers and developers. The extent of the digital sabotage and espionage was undiscovered or not made public at the time of posting this article.
The situation for Tesla is very grave. It is a crisis for the company. The organization's ability to conduct business may be affected. Added to the recent public setbacks, it is a severe blow.
Many efforts are under way concurrently to thoroughly understand the damage to the company and how to recover effectively:
– Law enforcement, most likely the cyber crimes units, has been notified.
– A cyber forensics investigation is underway to determine how and what has happened, then preserve the evidence for future charges and prosecution.
– A cybersecurity audit is being conducted to see where the gaps are in the process and procedures.
Companies should perform regular security audits. A review of the permissions structure, covering who has digital access to what information, should be part of the audit.
The principle of least privilege (PoLP) should be deployed to help protect against insider threats. It is a concept within the cybersecurity community that encourages limiting user privileges on the network and computers. Privileges should be based on users' job requirements. Applied to individual computers and system components, PoLP can reduce the attack surface by eliminating unnecessary privileges that can result in network exploits and system compromises.
As a CEO, you need to add digital sabotage to your risk matrix and prepare for the likelihood.