Unclear if Nvidia cyber ‘incident’ tied to Russia and Ukraine

Technology giant Nvidia has reportedly experienced a “potential” cyberattack, but it’s not yet clear if there is a connection to Russia’s military invasion of Ukraine and Vladimir Putin’s pledges to retaliate against the west over the conflict.

According to The Telegraph, Nvidia, one of the largest producers of graphics chips, has been investigating “a potential cyberattack that has taken parts of its business offline for two days.”

In a statement provided by Nvidia to VentureBeat on Friday, the company did not directly confirm that a cyberattack had occurred. Instead, Nvidia said that an unspecified “incident” had occurred. “We are investigating an incident,” an Nvidia spokesperson said in the statement.

“Our business and commercial activities continue uninterrupted,” the spokesperson said in the statement. “We are still working to evaluate the nature and scope of the event and don’t have any additional information to share at this time.”

Quoting an unnamed “insider” at Nvidia, The Telegraph reported that the potential cyberattack had “completely compromised” internal systems at the company — “although some email services were working on Friday,” the report said.

The potential “malicious network intrusion” has caused outages for the company’s email systems and developer tools, the report says.

The report specifies that “there is no evidence linking Nvidia’s outages to the conflict” in Ukraine, which has involved an unprovoked assault on the country recently by Ukraine’s neighbor Russia.

A subsequent report from Bloomberg on Friday said that the incident “appears” to have involved a ransomware attack. Citing a source familiar with the situation, the report suggests the attack was “relatively minor” and not connected to Russia’s war against Ukraine. VentureBeat has reached out to Nvidia about the Bloomberg report.

Increased cyberattacks

Regardless of the true details of the Nvidia incident, “there will no doubt” be a pickup in cyberattacks in the coming days and weeks, said Rick Holland, CISO at Digital Shadows.

However, “defenders shouldn’t conflate and immediately assume that these attacks are retaliation from western sanctions against Russia,” Holland said in an email to VentureBeat. “This response is possible, but it needs to be investigated and validated. Ransomware crews have been extorting victims for years and will continue to do so.”

In his addresses recently, Putin has clarified it that the entire Western world is his enemy and all options are on the table, according to Eric Byres, a cybersecurity veteran who is now CTO of aDolus Technology.

In his speech on Thursday, for instance, Putin said that “I would now like to say something very important for those who may be tempted to interfere in these developments from the outside. No matter who tries to stand in our way or all the more so create threats for our country and our people, they must know that Russia will respond immediately, and the consequences will be such as you have never seen in your entire history.”

Provocative approach

Russia and government-linked groups have a significant cyber offense capability. Past attacks and current threats from Russia have represented one of the biggest drivers for the security industry for years.

However, Byres told VentureBeat that he originally believed that Putin “was a rational actor that wouldn’t want to launch major cyberattacks in the U.S., as that would provoke similar attacks in response.”

But “after reading the full translation of his speech on Tuesday, reviewing the commentary from a number of Russian political analysts and talking to cyber analysts looking at known intrusions in the U.S., I’m not so sure anymore,” Byres said. “I worry that Putin believes he is bulletproof and the U.S. is weak.”

Russian cyber offensives have also been playing a role in the country’s build-up to its assault on Ukraine this week. Authorities in the U.S. and U.K. blamed Russia for last week’s massive distributed denial-of-service (DDoS) attacks in Ukraine. Fresh DDoS attacks, as well as destructive cyberattacks that involved wiper malware, struck Ukraine on Wednesday just ahead of the invasion.