Wind turbine maker Nordex shuts down systems as cyber attack hits

Germany-based Nordex has shut down IT systems across its business after becoming the latest turbine manufacturer to be hit by a cyber attack. The company said the attack was detected on 31 March, with an incident response team of internal and external security experts “set up immediately to contain the issue and prevent further propagation and to assess the extent of potential exposure”.

In a statement on 2 April, the company said: “The intrusion was noted at an early stage and response measures initiated immediately in line with crisis management protocols. As a precautionary measure, the company decided to shut down IT systems across multiple locations and business units.”

The shutdown, it added, may affect customers, employees and other stakeholders. No further details have so far been released.

In November 2021, Danish turbine manufacturer Vestas was hit by a ransomware attack. The hackers, Russian cyber crime cell Lockbit, were only able to access the company’s internal systems, but they did subsequently publish the stolen personal data on the dark web.

Germany’s Enercon also suffered the impact of a cyber incident at the start of Russia’s war on Ukraine. The cyber attack on European satellite systems saw the remote monitoring and control systems for nearly 6,000 Enercon turbines, totalling 11GW, become “collateral damage” in the opening salvo of the war.

As Windpower Monthly reported in its April issue, it was confirmed at the time that the cyber incident had not been a specific attempt to hack Enercon’s systems.

At present, it is still unclear whether the Nordex episode is similar to Enercon’s or to the targeted ransomware attack experienced by Vestas, which was purely motivated by money. 

Lockbit, the hacker behind the Vestas attack, has also made clear that it takes an apolitical stance.”For us, it is just business, and we are all apolitical,” it said in a statement on its website. “We are only interested in money. We will never, under any circumstances, take part in cyber attacks on critical infrastructures of any country in the world or engage in any international conflicts.”

Last year, an IEA report said cyber attacks are a major threat to wind power and other renewable power sources, while in 2020 insurer GCube warned of cyber threats becoming more prevalent during the Covid-19 pandemic.