Categories
Security

Unprecedented cyberattack takes Nvidia offline for two days

Nvidia announced that its network has been compromised, and the company is in the process of investigating a potential cybersecurity breach that took down the chipmaker’s systems over the last two days. The latest cybersecurity concern adds to Nvidia’s problems with chip shortages during the global pandemic, which have affected the entire semiconductor industry.

News of Nvidia’s compromised internal systems was initially reported by British publication The Telegraph, which noted that it was likely a cyberattack.

“We are investigating an incident,” Nvidia told the publication. “We don’t have any additional information to share at this time.”

According to the report, the company’s developer tools and email system were said to have suffered outages over the past two days, leading to speculation that Nvidia’s network may have suffered from a cyberattack. Other parts of Nvidia’s internal network may have been affected as well, with The Telegraph reporting that the company’s network was entirely compromised.

If accurate, this could mean that confidential and proprietary information may have been unlawfully accessed. Of concern is that a malicious attacker could have injected malware onto Nvidia’s systems. There is speculation that ransomware may have been installed on Nvidia’s servers, though this has not yet been confirmed by the company. It is also unclear at this point what, if any, data may have been improperly accessed or deleted from the company’s network.

The Telegraph did state that some email systems were up and running on Friday. Nvidia’s website and home page are currently up and running.

At this time, it’s unclear who initiated the cyberattack on Nvidia, but the report from The Telegraph speculates on the timing of the cyberattack, which lines up with the invasion of Ukraine by Russia. Ahead of the situation in Ukraine, the U.S. government had issued warnings to technology companies warning of potential cyberattacks, but there’s been no confirmation so far that this was a state-sponsored incident.

In addition to investigating the attack, VideoCardz reported that Nvidia now also has the daunting task of ensuring that its systems are clean and that malware doesn’t slip into software and products that are shipped to consumers, including the company’s graphics cards and chips for autonomous driving, servers, and supercomputers. It’s unclear how long Nvidia’s investigation will take and if law enforcement will ultimately step in.

Prior to the cyberattack, Nvidia was most recently in the news for abandoning its acquisition proposal for chipmaker ARM. Nvidia had initially proposed a $40 billion takeover of ARM from Japanese conglomerate SoftBank, but the deal ultimately fell through due to regulatory concerns.

Editors’ Choice




Repost: Original Source and Author Link

Categories
Security

Apple targeted in $50 million ransomware attack resulting in unprecedented schematic leaks

Apple has been targeted in a $50 million ransomware attack following the theft of a trove of engineering and manufacturing schematics of current and future products from Quanta, a Taiwan-based company that manufactures MacBooks and other products for Apple.

The leak, first reported by The Record, was carried out by REvil, a Russian hacking group that’s also known by the name Sodinokibi. The group had already begun posting the stolen images on April 20th, timed specifically to coincide with Apple’s latest “Spring Loaded” event, after Quanta refused to pay the $50 million ransom for the data. The group is now hoping to get Apple itself to pay up by May 1st, promising to continue to post new images from the leak daily until it does.

Quanta has confirmed that its servers were breached in a statement to Bloomberg, commenting: “Quanta Computer’s information security team has worked with external IT experts in response to cyber attacks on a small number of Quanta servers.” Quanta also says “there’s no material impact on the company’s business operation” as a result of the hack.

REvil has a history of similar ransomware attacks, Bleeping Computer points out, with the group also carrying out similar hacks on Acer and other companies in the past several months. But the Quanta attack — by virtue of its connection to Apple and the potential to reveal unannounced Apple hardware — marks the group’s highest-profile target yet.

The company hasn’t clarified the extent of the leak yet, but images leaked by REvil so far include schematics for Apple’s just-revealed iMac redesign — which, prior to yesterday, hadn’t been seen by anyone outside of Apple’s sphere of influence, lending credence to the fact that the documents are indeed accurate. The schematics also include warnings on nearly every page: “This is the property of Apple and it must be returned,” and they specify that the documents are not to be reproduced, copied, or published.

Also contained within the revealed files are manufacturing diagrams for Apple’s already-released 2020 M1 MacBook Air refresh and an as-yet-unreleased laptop that features additional ports in line with the existing rumors for the upcoming laptop refresh from Apple.

These documents were stolen and are being leaked to extort Apple and Quanta. Due to the nature of their origin, we believe it would be unethical to extensively report on their contents. We’ve reached out to Apple for comment and will update this post with any new information.

Repost: Original Source and Author Link