[BreachExchange] Next-gen Nvidia GPU plans revealed in massive data hack

Terrell Byrd terrell.byrd at riskbasedsecurity.com
Tue Mar 1 10:46:20 EST 2022


https://www.digitaltrends.com/computing/next-gen-nvidia-gpu-plans-revealed-in-massive-data-hack/

More information deriving from the recent Nvidia cyber breach has started
to emerge, which reportedly reveals details pertaining to the company’s
upcoming GPUs.

Nvidia has also publicly acknowledged the cybersecurity incident,
confirming that “proprietary information” has indeed been leaked online.

As reported by VideoCardz, an individual sent several pictures detailing
the Ada, Hopper, and Blackwell GPU architectures. These codenames have all
been previously reported to represent Nvidia’s next-generation graphics
cards for both gaming and data centers.

The source of the pictures has yet to be verified, but it’s likely that the
person who sent them found them from the 1TB hack. That’s an absolutely
enormous amount of data, so leaks from the breach will naturally begin to
appear online. Lending credence to the validity of this particular leak is
Nvidia’s admission that “proprietary information from our systems” was
taken by hackers and the fact that they have “begun leaking it online.”

In any case, this specific leak appears to confirm that Ada is indeed the
successor to the current-generation Ampere architecture that powers Nvidia
GPUs. AD102, AD103, AD104, AD106, AD107, and AD10B were all mentioned.
However, the exact configurations of those upcoming GPUs have yet to be
revealed.

Anticipation is mounting for the Ada-based GeForce RTX 40-series video
cards. Although they may share similarities with the current Ampere
architecture, they’re still set to offer notable performance upgrades.
Specifically, it will reportedly double the teraflops (TFLOPS) count of the
3090 Ti.

Elsewhere, another screenshot shared with VideoCardz seemingly confirms
that Hopper will be the name behind next-gen GPUs powering data centers,
with two models, GH100 and GH202, cited within the data. Meanwhile, another
purported codename for Nvidia’s accelerated computing boards, Blackwell,
was listed alongside the reference of two versions: GB100 and GB102.

Finally, Nvidia has confirmed its security systems were infiltrated in a
statement, as reported by VideoCardz:

“On February 23, 2022, NVIDIA became aware of a cybersecurity incident
which impacted IT resources. Shortly after discovering the incident, we
further hardened our network, engaged cybersecurity incident response
experts, and notified law enforcement.

We have no evidence of ransomware being deployed on the NVIDIA environment
or that this is related to the Russia-Ukraine conflict. However, we are
aware that the threat actor took employee credentials and some NVIDIA
proprietary information from our systems and has begun leaking it online.
Our team is working to analyze that information. We do not anticipate any
disruption to our business or our ability to serve our customers as a
result of the incident.

Security is a continuous process that we take very seriously at NVIDIA –
and we invest in the protection and quality of our code and products daily.”

The implications of this unprecedented hack are far-ranging. As mentioned,
the amount of data stolen is a hefty 1TB. LOPSUS$, the group claiming to be
responsible for the attack, stated it extracted the “most important stuff,”
ranging from documentation, private tools, schematics, drivers, firmware,
and more. Despite Nvidia’s purported revenge in the form of its own hack,
South American-based LOPSUS$ stressed that it created a backup.

LOPSUS$ commenced its leak yesterday, which has obviously resulted in
today’s story about Team Green’s GPU plans. Looking ahead, the hacking
group alleges that it has obtained the algorithm behind Nvidia’s crypto
mining limiter for its 30-series graphics cards. The group demands the
company remove all existing light hash rate limitations, or it will release
folders containing sensitive data it has in its possession.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220301/4b3029f6/attachment.html>


More information about the BreachExchange mailing list