With apologies to singer/songwriter Bob Dylan, “The answer my friend, is blowing in the wind.” Hackers do not care if the energy source is renewable or fossil fuel, they will attack it and turn out your lights and everything electric (yes, your network). German wind turbine giant Deutsche Windtechnik https://www.deutsche-windtechnil.com has issued a notification to warn that some of its IT systems were impacted in a targeted professional cyberattack earlier in April 2022.
The incident, which the company says occurred on 11 April 2022, forced incident responders to switch off the remote data monitoring connections to the wind turbines for security reasons. Deutsche Windtechnik says it reactivated the connections two days later. “We are very happy that the wind turbines that we look after did not suffer any damage and were never in danger,” the company said in a statement. Deutsche Windtechnik also announced that it managed to resume client operational maintenance activities on 14 April 2022, with only minor restrictions. The company says all of its IT systems were assessed in a secure environment and the issues were identified and isolated. Furthermore, the wind turbine giant has increased the security of its systems following the incident. "The forensic analysis has been completed and the result has shown that this was a targeted professional cyberattack,” Deutsche Windtechnik said. The company says it still hasn’t fully restored its systems. While Deutsche Windtechnik did not say what type of cyberattack it fell victim to, there is a high probability that ransomware might have been involved, although no known ransomware groups have claimed the attack yet.
According to The Wall Street Journal, Deutsche Windtechnik, which lost control of roughly 2,000 turbines during the attack, indeed fell victim to ransomware, but was able to restore its systems without having to contact the attackers. Additionally, the attack on Deutsche Windtechnik happened shortly after wind turbine maker Nordex SE fell victim to the Conti ransomware criminal gang. In early March 2022, wind turbine manufacturer Enercon GmbH lost remote connection to roughly 5,800 turbines after Viasat’s satellite network was hacked. See: https://redskyalliance.org/xindustry/resurgence-of-conti-ransomware
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs. com Weekly Cyber Intelligence Briefings: • Reporting: https://www. redskyalliance. org/ • Website: https://www. wapacklabs. com/ • LinkedIn: https://www. linkedin. com/company/64265941 Weekly Cyber Intelligence Briefings: REDSHORTS - Weekly Cyber Intelligence Briefings https://attendee.gotowebinar.com/register/5504229295967742989
Comments