IT security at Nordex last week detected that the wind turbine manufacturer was subject to a “cyber security incident”.
The intrusion was discovered at an early stage on Thursday and response measures were initiated immediately in line with crisis management protocols, the company said, which nevertheless decided to shut down IT systems across multiple locations and business units.
Nordex is the second German wind OEM to suffer a cyberattack since Russia’s war on Ukraine began. Privately-held premium manufacturer Enercon was hit by a cyberattack at the start of the Russian invasion, which cut remote service links to almost 6,000 wind turbines in central Europe.
The cyberattack on Nordex came amid a heated debate in Germany over a possible embargo on Russian oil & gas deliveries that Moscow is eager to avoid as it would lose billions in fossil fuel revenues. Russia accounts for about 55% of German fossil-gas supplies, for half of its hard coal, and about a third of its oil consumption.
German economics and climate minister Robert Habeck last week declared an early warning level in the country’s gas emergency plan, meaning Europe’s largest economy is preparing for a possible stop of Russian gas flows. The step came in the wake of the Russia’s demand to only accept payments for gas in roubles, following Western sanctions against its invasion of Ukraine.
While the atrocities committed by Russian troops in suburbs of the Ukrainian capital Kiev may sway German public opinion towards favouring an energy embargo even at a heavy economic cost, a simultaneous threat to its electricity supply could unsettle consumers.
Wind power during the first three months of this year accounted for a third of Germany’s net power generation.
Nordex didn’t provide any clues as to where the cyberattack may have originated, though.
“The incident response team of internal and external security experts has been set up immediately in order to contain the issue and prevent further propagation and to assess the extent of potential exposure,” the company said in a statement.
Customers, employees, and other stakeholders may be affected by the shutdown of several IT systems, the company said, adding it will provide further updates when more information is available.