Nvidia has confirmed that it’s currently investigating an incident that, appears to have been part of a ransomware attack on the GPU maker.
Nvidia was “investigating a potential cyber attack that has taken parts of its business offline for two days.” The paper also speculated about the possibility of the attack somehow being related to Russia’s invasion of Ukraine.
We are investigating an incident,Our business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event and don’t have any additional information to share at this time.
It was reported “a person familiar with the incident” believes the attack was financially motivated and was “not fueled by geopolitical tensions,” however State actors have resorted to ransomware in the past, but at least for now it seems this was an act of crime, not war.
The hackers responsible for this attack have reportedly started to discuss their plans which include leaking 1TB of information gleaned from Nvidia’s internal network on the dark web
But the group has reportedly also claimed that Nvidia hacked it back and infected their systems with ransomware to prevent the stolen information from being leaked
Nvidia didn’t immediately respond to a request for comment. The chances that it actually decided to “hack back” are incredibly low, however, not least because such an operation would violate the Computer Fraud and Abuse Act.
More details about the incident will likely be revealed as Nvidia’s investigation continues. In the meantime, it’s worth remembering that even though Russia is invading Ukraine, most hacks will probably be unrelated to that conflict. Politically motivated attacks are the exception, not the rule
It’s been identified Lapsu$ extortion group from south africa has involved in the attack. Also Nvidia launched an attack on the group to check if the data backup available with them is valid, but the operation gone vain.