NVIDIA Hit By Major Cyberattack That May Have 'Completely Compromised' Parts of Its Business (wccftech.com) 48
An anonymous reader quotes a report from Wccftech: NVIDIA has seemingly been hit by a major cyberattack that may have completely compromised parts of its business, reports The Telegraph. In their exclusive report, The Telegraph reports that the cyberattack was initiated at the same time as the Russian cyber warfare division started their offensive against Ukraine. All Nato allies have announced major sanctions on Russia and this could potentially be why Russia has decided to target major companies such as NVIDIA.
The report further states that the cyberattack on NVIDIA has completely compromised parts of their business and there are already reports from several users coming in regarding services disruption. The scale of this attack is currently unknown but it clearly seems to be a major one as NVIDIA had to take several systems offline to pacify the intrusion before it could spread further: "'The ultimate concern is that somebody may have put something in one of the software updates,' Dr Woodward said, pointing to the devastating SolarWinds hack that exploited American software companies to gain access to US government computer systems. 'They'll be going through trying to make sure to see if there's any indication that anything has been changed in their software that they then shipped to their clients.'" NVIDIA's mail servers were also partially operational during this time so it's entirely likely that there might have been a breach in confidential documents. But it is not confirmed yet if any data was stolen. In a brief statement, an Nvidia spokesperson confirmed the report, saying: "We are investigating an incident. We don't have any additional information to share at this time."
The report further states that the cyberattack on NVIDIA has completely compromised parts of their business and there are already reports from several users coming in regarding services disruption. The scale of this attack is currently unknown but it clearly seems to be a major one as NVIDIA had to take several systems offline to pacify the intrusion before it could spread further: "'The ultimate concern is that somebody may have put something in one of the software updates,' Dr Woodward said, pointing to the devastating SolarWinds hack that exploited American software companies to gain access to US government computer systems. 'They'll be going through trying to make sure to see if there's any indication that anything has been changed in their software that they then shipped to their clients.'" NVIDIA's mail servers were also partially operational during this time so it's entirely likely that there might have been a breach in confidential documents. But it is not confirmed yet if any data was stolen. In a brief statement, an Nvidia spokesperson confirmed the report, saying: "We are investigating an incident. We don't have any additional information to share at this time."
Were any videocards harmed in the attack? (Score:2)
Asking on behalf of the millions still waiting on one at the MSRP.
Oh no, GeForce Now players wil have to join... (Score:5, Funny)
Re: (Score:2)
Plus smell-o-vision!
Lucky for us (Score:2)
Luckily for us, the Nintendo generation was tough enough to survive the breach unscathed. Take that Pentagon haters!
Asianometry says NVIDIA won AI. (Score:2)
Might this be the reason they were targeted? [youtube.com]
Terrible! (Score:4, Interesting)
At this rate, the source code to their proprietary drivers could get out and someone could now add support to hardware in the open source drivers which are part of mainline Linux. This is just awful! ;)
Re: (Score:3)
Re: (Score:2)
Too Little Information (Score:2)
To form a comment at this time.
Ironically, here is a comment.
Re: Too Little Information (Score:2)
odd (Score:2)
Re: (Score:2)
Re: (Score:2)
Nobody has been mining Bitcoin with GPUs for the last decade or so.
Re: (Score:2)
1. GPUs are used to mine Ethereum, and other altcoins.
2. I guarantee right after the attack was done, they probably started rolling back commits in git if the committing author either wasn't recognized, or if the tagged author looked at the code and says "no I didn't commit that today."
3. As they probably do not commit directly to the main branch, the main branch should still have the same code as what is made available for download. Build it and compare it. Then, if it checks out, turn public download ba
Re: (Score:2)
Re: (Score:2)
It takes an unrestricted budget to have a backup solution? Because you can't buy LTO autoloader libraries on eBay for a couple hundred bucks?
Just because some organizations are incompetent, doesn't mean all organization are incompetent. I assure you as a publicly traded company, Nvidia regularly schedules at least some DR tests, because they are required by Sarbanes-Oxley for "material" systems for reporting accounting. Are you claiming that Nvidia is in violation of SOX?
Re: (Score:2)
Vlad is not going to waste an ounce of energy assisting with the prosecution of these people. We may soon bear witness to Russia's full criminal potential.
Re: (Score:2, Insightful)
Russia will be blamed for this whether they did it or not
Currently, the governments in the US and EU are owned by multinational corporations whose only motive is profits.
These corporations currently perceive engaging with Russia as a threat to profits.
If Russia were perceived as a threat to profits you can bet that they will be happy to commit someone else's children to an armed conflict.
Especially if they can sell weapons to both sides
Re: (Score:3)
Please Hack Russia! (Score:2)
Re: (Score:2)
I was thinking I'd be willing to donate some CPU cycles and bandwidth to help that effort. But I don't want any legal repercussions. It'd be great if our (USA's) govt. would pass a law allowing people to contribute to the war effort this way, without any kind of criminal or civil penalty. It'd be up to the ISP to regulate the traffic (if they can...)
BTW, thank you for your videos! I need to watch more of them. We are kindred spirits (but I don't post videos, yet...)
Crypto? (Score:2)
Re: (Score:2)
Only if miners regularly take their mining rigs offline to download and install questionably-improved drivers instead of ignoring it and just continuing to mine at known rates.
The only people that regularly update GPU drivers as soon as they become available are "enthusiasts" that JUST have to have the latest whatever they can, no matter how many times they've had their crotch cut while straddling that bleeding edge. Everyone else updates if there's a problem, or a notification says they should.
Re: (Score:2)
This could literally be just [funded by] miners who want to know how to unlock the latest gaming cards to make them better for mining. There's enough money at stake.
Driver updates (Score:2)
Mmmm -- signed nVidia driver updates would be an amazing vector for malware.
Cut-off Russia and Byelorussia from the Internet.. (Score:1)
Best option...
Cut them off from the internet...
Re: (Score:3)
Sure - it did not help with anything... (Score:2)
I am for cutting them off.
We will be safer from cyberattacks.
And for the last years having this source did not help at all - situation was getting worse year by year...
So why the f..k should we care about Russian population? They do not want to fight.
We should protect ourselves and those who want to oppose Putin like Ukrainians...
Re: (Score:2)
Also members of this population bomb residential areas, shot to civilian convoys, shot ambulances...
Do you really believe that having them access to Internet will help?
Mail servers were "partially operational" ? (Score:1)
"NVIDIA's mail servers were also partially operational during this time"
What were they for the rest of the time ?
Does Nvidia have Sysadmins ?
Re: (Score:2)
They run MS Exchange, so... partially operational.
Planting cryptominers? (Score:2)
In the light of recent events and everyone imposing economic sanctions, I wouldn't be surprised if Russians tried to plant invisible, irremovable cryptominers at the source.
Re: (Score:2)
How would it be irremovable when you could just restore a backup of your git host? Are you suggesting that Nvidia doesn't regularly do disaster recovery testing?
Re: (Score:2)
I meant irremovable from the user perspective, if it was a part of an official Nvidia binary, built-in and signed, and required for Nvidia features to work; or if the malware had a stage two which installs a rootkit.
Re: (Score:3)
On the second subject, I work in cybersecurity and I am yet to see a company which fully tests disaster recovery, and those who have a DR plan at all are few and far between, usually the bigger they are, the less they care.
Re: (Score:3)
I've worked for midsize software developers, which would probably be close to the size of the software team at Nvidia for doing their driver and Android development work. We were annually audited for proof that various mission-critical service could be restored in a disaster. Our code repositories were included in that test.
I would be shocked if Nvidia, who knows the value of software to the point of being a total pain in the ass on Linux on purpose, didn't at least have a nightly backup of their repos.
Security...? (Score:2)
Umm, pardon me for asking, but given that this was likely, why weren't NVidia more security-conscious?
From the most basic of perspectives, there should be nothing inside NVidia's network that can be reached from the outside. Only the DMZ and certificate-and-IP authenticated IPSec endpoints should be reachable by the outside. Standard business security. Or, at least, it should be. I've seen that type of configuration maybe twice in my career and it was a relatively small shop running critical medical infrast
Re: (Score:2)
Umm, pardon me for asking, but given that this was likely, why weren't NVidia more security-conscious?
From the most basic of perspectives, there should be nothing inside NVidia's network that can be reached from the outside. Only the DMZ and certificate-and-IP authenticated IPSec endpoints should be reachable by the outside. Standard business security. Or, at least, it should be.
Almost the entire IT sector has been working remotely for the past two years. How are people going to work from home if they can't access the network? And if they can access the network remotely... how do you keep their home systems secure?
I've seen that type of configuration maybe twice in my career and it was a relatively small shop running critical medical infrastructure. None of the big players I've worked for have.
For specialized industries that's feasible (a lot of SCADA does the same).
But it's a huge PITA to work with which is why it's the exception, not the norm.
Re: (Score:2)
Almost the entire IT sector has been working remotely for the past two years. How are people going to work from home if they can't access the network? And if they can access the network remotely... how do you keep their home systems secure?
The first term you would be looking for is "extranet", a single "internal" network that consists of many physically disconnected sites. In order to build these, you need virtual private networks, since home users obviously can't afford physically private networks, and sec
channel attack? (Score:2)
The stock market doesn't think so (Score:2)
We may not care about our neighbors .... (Score:2)
Russia has not reason to attack NVIDIA (Score:2)
But some others may use the current crisis as giving them cover for their operations.
Re: (Score:2)
Russia has not reason to attack Ukraine.
I can certainly see how Russia *could* be involved. It makes just as much sense that it was them as that it wasn't.
Of course (Score:1)