Tesla sues former employee Martin Tripp for sabotage and intellectual property theft. Credit: Toru Hana/Reuters Every company needs to worry about the insider threat, and Tesla is no exception.On the evening of June 17, 2018, Elon Musk emailed his employees advising that the threat posed by a malevolent insider was a reality. Musk elaborated how “a Tesla employee had conducted quite extensive and damaging sabotage to our operations.”In his email, he implored Tesla employees to work with the company in determining if the employee was operating alone or with confederates inside or outside the company. The unidentified employee (though gender appears to be male), has been identified and interviewed with respect to his actions.The employee’s access, based on the letter, included the ability to make “direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive data to unknown third parties.” The insider motivation?What motivated the Tesla insider? The same thing encountered time and time again: revenge. The individual did not receive a promotion he believed he deserved and decided to both sabotage the operations of Tesla and share the company’s intellectual property with third parties.With whom may this insider have engaged? Musk continued how Tesla is a threat to the status quo within the global energy and automotive industry. The implication being there are a great number of entities that may have swallowed their scruples and welcomed the opportunity to take a peek behind the Tesla curtain. What Tesla employees learnedThat insider threat is not limited to the theft of intellectual property. Indeed, setting back a competitor’s advance by sabotaging their forward progress may be enough to allow a window of opportunity to open for the competitor to grab sufficient market share to be viable.What we know about the Tesla insiderMusk’s letter to his employees has generated as many questions as it answered. A search of Federal court records showed that on June 19, 2018, Tesla brought legal action on a Martin Tripp in the U.S. District Court of Nevada. The court issued a summons to Tripp, a resident of Sparks, Nevada, on June 21, 2018.The complaint answers some of the questions that come to mind.Who is the employee and where did he work?Martin Tripp appears to be the employee, and he was employed at Tesla’s Nevada Gigafactory. According to Tesla, “the factory’s planned annual battery production capacity is 35 gigawatt-hours (GWh), with one GWh being the equivalent of generating (or consuming) 1 billion watts for one hour.”What is the information stolen? According to the complaint, the trade secrets taken include:Breaching specific provisions of the Proprietary Information AgreementWriting software to hack Tesla’s MOSExfiltrating confidential and proprietary data from Tesla’s MOS for the purpose of sharing the data with persons outside the companySending third parties a confidential code or “query”Taking and sharing with third parties dozens of photographs of Tesla’s manufacturing systemsTaking and sharing with third parties a video of Tesla’s manufacturing systemsAttempting to conceal electronic evidence of his misappropriation and disclosure of trade secretsWhat methodologies were used by the employee to sabotage and share information?The complaint indicates that the individual “wrote software which caused the production systems to fail. In addition, the employee is alleged to have disseminated false information about the company, for an as yet unidentified purpose.Personal meetings, email, provision of credentials? Not yet determined.Tesla, wisely, requested the court to order Tripp to allow “inspection of Tripp’s computers, personal USB and electronic storage devices, email accounts, ‘cloud’-based storage accounts and mobile phone call and message history.” The information would allow Tesla investigators to perhaps determine who the identities of any co-workers who assisted Tripp, and possibly the third parties to which he shared or attempted to share Tesla confidential information. This case of the trusted insider breaking trust will be one we will keep our eye on as it evolves. Related content news analysis China’s MSS using LinkedIn against the U.S. The head of the U.S. National Counterintelligence and Security Center says China's MSS is using social networks, specifically LinkedIn, to target, access, and recruit U.S. sources. By Christopher Burgess Aug 31, 2018 4 mins Social Engineering Cybercrime Security news analysis Tesla insider with expired NDA spills the tech beans A former Tesla engineer with an expired non-disclosure agreement (NDA) shared inside technical information on an obscure forum, which was quickly shared across multiple social media platforms. By Christopher Burgess Aug 30, 2018 3 mins Risk Management Security news analysis Horizon Air tragedy highlights airline insider threat vulnerability The ease at which a Horizon Air employee was able to steal and crash a Bombardier Q400 turboprop will likely prompt airlines to develop an insider threat mitigation strategy to close this vulnerability. By Christopher Burgess Aug 13, 2018 4 mins Security news analysis How did the TimeHop data breach happen? Compromise of an employee's credentials, lack of multi-factor authentication, and weak insider threat analysis all played a factor in the recent TimeHop data breach in which 21 million user accounts were compromised. By Christopher Burgess Aug 10, 2018 4 mins DLP Software Analytics Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe