Deutsche Windtechnik hit with a cyberattack, a third on Germany's wind energy sector

The German company is a third wind turbine operator hit by hackers in less than two months.

The cyberattack forced Deutsche Windtechnik, a German wind turbine maintenance, and repair company, to turn off its IT systems on April 11 and April 12, the company announced in a statement.

According to Deutsche Windtechnik, its IT team had to deactivate the company's remote data monitoring connections to the wind turbines that were switched off for security reasons. The attack did not harm the company's wind turbines, and regular activity was restored on April 14, with minor restrictions to its customers.

"The forensic analysis has been completed and the result has shown that this was a targeted professional cyberattack," reads the company's statement.

Deutsche Windtechnik has over 7.5 thousand wind turbines under contract and employs more than 2,000 people. The company's turnover last year amounted to $280 million.

While the statement does not specify the type of attack against Deutsche Windtechnik, Matthias Brandt, director of the company, told the Wall Street Journal it was a ransomware attack.

The company's IT systems were infected with malware. An electronic ransom note was found on Deutsche Windtechnik's systems, demanding the company contact hackers to restore the system. However, Brandt explained that the company managed to restore operation on its own.

Image by Deutsche Windtechnik.

Wave of attacks

Another German wind turbine operator, Nordex, was hit by a cyberattack on the last day of March. As a result, the company was forced to shut down 'various IT systems.'

Ransomware group Conti claims it was behind the cyberattack that knocked out Nordex at the end of March. Conti announced support for the Kremlin after Russia launched a war in Ukraine on February 24.

"If anybody will decide to organize a cyberattack or any war activities against Russia, we are going to use our all possible resources to strike back at the critical infrastructures of an enemy," the Conti blog post said.

Interestingly enough, a Russian attack on satellite operator ViaSat on the day of the invasion knocked out the remote control of over 5,000 wind turbines operated by another German company, Enercon.

Although it's not clear if the three attacks are related, operational disruptions of German energy companies echo Moscow's agenda. The German economy is highly dependent on oil and gas imports from Russia, and Berlin has been searching for alternatives ever since the war in Ukraine started.

Some experts believe that a flood of ransomware attacks in 2021 could have been an attempt to test western critical infrastructure in preparation for a conflict in Ukraine.

More from Cybernews:

The summoning of Ukraine’s IT army let the genie out of the bottle – interview

308,000 databases were exposed to the open web in 2021: report

DeFi on the ropes as digital thefts double

Down but not out: Russian crooks rally to new strongholds

US offers $10 million for Russian military hackers behind NotPetya attacks

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked