Chipmaker Nvidia Hit by Possible Major Cyber attack
Nvidia is reportedly in the middle of dealing with some kind of cyber attack that has lasted two days so far, according to various media sources as well as the company itself. Reports indicate the attack, which is still being investigated, has taken out the company’s email systems and its developer tools, but it’s unclear if other components of the company’s business were similarly affected by the intrusion into its networks. It’s also not clear if the situation poses a threat to any of Nvidia’s partners.
According to The Telegraph, one company insider said the unwelcome intrusion has “completely compromised” the company’s internal systems, but that portions of its email service had resumed operation as of Friday, the 25th. An Nvidia spokesperson confirmed the unfortunate event, but offered few details. “We are investigating an incident. We don’t have any additional information to share at this time,” the spokesperson said. It’s unclear at press time whether any data was stolen from Nvidia’s servers, or to what extent any damage was caused.
Reports indicate the company hasn’t yet discovered who the perpetrator is, but the Telegraph reports that the company hadn’t alerted any of its partners to the intrusion as of press time. However, Nvidia has many partners so it’s doubtful the paper could have queried all of them.
Given the timing of the attack, it certainly raises questions about if it’s at all tied to the recent Russian aggression in Ukraine as the cyber attack began at roughly the exact same time as the Russian incursion into Ukraine. Shortly thereafter, the US announced major sanctions against Russia in retaliation for its actions, so it’s possible that hackers friendly with Russian interests could be counter-attacking, and a huge and important company like Nvidia would certainly be a juicy target.
However, several days ago the Secretary of the Department of Homeland Security, Alejandro Mayorkas, said the US doesn’t know of any specific and credible threats targeting US companies at this time, but that companies should be prepared just in case. It is also possible that an country or organization with no particular ties to the Ukraine / Russia issue has chosen this time to make a move.
The impact of the hack was severe enough that Nvidia had to take several of its internal systems offline to prevent further intrusions, or the spread of malware throughout its network. It’s a situation that’s reminiscent of the Solar Winds hack from 2017, where hackers infected the software update mechanism of the company, allowing malware to spread to its customers, including many US government institutions.