Where Rubber Meets the Road: Exposed Credentials in the Cloud Facilitate Cryptocurrency Mining

Advertisement


Cloud and DevOps enable powerful, transformational advances across many businesses – from finance to manufacturing. But, what happens when a cyber attacker gets a hold of the access keys to the cloud account of a leading automobile manufacturer? Well, as learned in the recently reported breach at Tesla, the attackers exploited access to mine for cryptocurrency!

Reportedly, attackers discovered an unprotected DevOps tool belonging to Telsa. In this case it was a Kubernetes console that exposed AWS Access Keys.

Advertisement