Nvidia cyberattack not related to Russia’s invasion of Ukraine, report says

Nvidia has yet to disclose further details on the cyber “incident” that it has been investigating — but a report Friday said the apparent cyberattack was not tied to the crisis in Ukraine that’s been brought on by Russia.

The unprovoked invasion of Ukraine by its neighbor Russia this week prompted increased sanctions from the U.S. and other western nations on Thursday. Russian President Vladimir Putin has made repeated threats to take actions against the west if its nations were to “interfere” with Russia’s campaign against Ukraine — something that many believe could include deployment of cyberattacks, given the Putin regime’s frequent use of this tactic.

However, according to a Bloomberg report Friday, the cyberattack against Nvidia was not related to Russia’s war against Ukraine. The breach was “not connected to the crisis in Ukraine,” the report said, citing a source familiar with the matter.

When reached Friday, Nvidia said it could not confirm the report and did not have any additional information to add beyond its prior statement.

The Bloomberg report also said that the incident “appears” to have involved a ransomware attack, and suggests the attack was “relatively minor.”

In Nvidia’s statement earlier Friday, a spokesperson said that the company was “investigating an incident” and was “still working to evaluate the nature and scope of the event.”

“Our business and commercial activities continue uninterrupted,” the Nvidia spokesperson said in the statement.

Outages reported

The statement came in response to a Friday report in The Telegraph that Nvidia, one of the largest producers of graphics chips, has been investigating “a potential cyber attack that has taken parts of its business offline for two days.”

Quoting an unnamed “insider” at Nvidia, The Telegraph reported that the potential cyberattack had “completely compromised” internal systems at the company — “although some email services were working on Friday,” the report said.

The potential “malicious network intrusion” has caused outages for the company’s email systems and developer tools, the report says.

In situations such as this, cyber defenders shouldn’t “immediately assume” that attacks are retaliation to western sanctions against Russia, said Rick Holland, CISO at Digital Shadows.

“This response is possible, but it needs to be investigated and validated,” Holland said. “Ransomware crews have been extorting victims for years and will continue to do so.”

Retaliation threatened

Still, in his addresses in recent days, Putin has made it clear that the entire Western world is his enemy and all options are on the table, according to Eric Byres, a cybersecurity veteran who is now CTO of aDolus Technology.

In his speech on Thursday, Putin said that “for those who may be tempted to interfere in these developments,” that “Russia will respond immediately, and the consequences will be such as you have never seen in your entire history.”

RussianRussian cyber offensives have also been playing a role in the country’s build-up to its assault on Ukraine this week. Authorities in the U.S. and U.K. blamed Russia for last week’s massive distributed denial-of-service (DDoS) attacks in Ukraine. Fresh DDoS attacks, as well as destructive cyberattacks that involved wiper malware, struck Ukraine on Wednesday just ahead of the invasion.

Meanwhile, Russia’s attacks on Ukraine have led hacking groups worldwide to increase their activities — in numerous instances to support one of the two sides, in what some are calling a “cyber proxy war.”