Vestas and Nordex: Wind turbine maker Nordex shuts down systems as cyber attack hits

Vestas and Nordex: Wind turbine maker Nordex shuts down systems as cyber attack hits

Nordex Hit by Cyberattack, Shuts Down IT Systems Across Global Operations

German wind turbine manufacturer Nordex has taken its IT systems offline following a cyberattack detected on 31 March. The company swiftly assembled an incident response team comprising internal and external security experts to contain the breach, prevent further spread, and assess potential exposure. In a 2 April statement, Nordex confirmed the attack was identified early, prompting a precautionary shutdown of systems across multiple locations and business units. The disruption may impact customers, employees, and other stakeholders, though no additional details have been disclosed.

The incident follows a pattern of cyber threats targeting the renewable energy sector. In November 2021, Danish turbine manufacturer Vestas suffered a ransomware attack by the Lockbit group, which later leaked stolen data on the dark web. Unlike politically motivated attacks, Lockbit has maintained an apolitical stance, stating its sole focus is financial gain. Meanwhile, Enercon experienced collateral damage in February 2022 when a cyberattack on European satellite systems linked to Russia’s invasion of Ukraine disabled remote monitoring for nearly 6,000 turbines (11GW capacity). Unlike Enercon’s case, it remains unclear whether Nordex’s breach was opportunistic or a targeted ransomware attack.

The wind power industry has increasingly become a target for cyber threats, with the International Energy Agency (IEA) identifying such attacks as a major risk to renewable energy infrastructure. Insurers like GCube have also warned of rising cyber vulnerabilities, particularly during periods of operational disruption. As investigations into the Nordex incident continue, the broader sector faces growing pressure to bolster defenses against evolving cyber risks.

Source: https://www.windpowermonthly.com/article/1751954/wind-turbine-maker-nordex-shuts-down-systems-cyber-attack-hits

Vestas cybersecurity rating report: https://www.rankiteo.com/company/vestas

Nordex Group cybersecurity rating report: https://www.rankiteo.com/company/nordex

"id": "VESNOR1780527378",
"linkid": "vestas, nordex",
"type": "Ransomware",
"date": "4/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Renewable Energy (Wind Turbines)',
                        'location': 'Global',
                        'name': 'Nordex',
                        'type': 'Company'}],
 'date_detected': '2023-03-31',
 'date_publicly_disclosed': '2023-04-02',
 'description': 'German wind turbine manufacturer Nordex has taken its IT '
                'systems offline following a cyberattack detected on 31 March. '
                'The company swiftly assembled an incident response team '
                'comprising internal and external security experts to contain '
                'the breach, prevent further spread, and assess potential '
                'exposure. The disruption may impact customers, employees, and '
                'other stakeholders.',
 'impact': {'operational_impact': 'Disruption to operations, potential impact '
                                  'on customers, employees, and stakeholders',
            'systems_affected': 'IT systems across multiple locations and '
                                'business units'},
 'investigation_status': 'Ongoing',
 'references': [{'date_accessed': '2023-04-02',
                 'source': 'Nordex Public Statement'},
                {'source': 'International Energy Agency (IEA)'},
                {'source': 'GCube Insurance'}],
 'response': {'communication_strategy': 'Public statement on 2 April',
              'containment_measures': 'IT systems shutdown across multiple '
                                      'locations and business units',
              'incident_response_plan_activated': 'Yes',
              'third_party_assistance': 'External security experts'},
 'stakeholder_advisories': 'Customers, employees, and stakeholders may be '
                           'impacted',
 'title': 'Nordex Cyberattack and IT Systems Shutdown',
 'type': 'Cyberattack'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.