Cyber Attack Shuts Down Wind Turbine Giant Nordex
Nordex Group, one of the world's largest manufacturers of wind turbines, has recently fallen victim to a cyber attack forcing them to take down multiple IT systems.
The organisation, headquartered in Hamburg, Germany, discovered the cyber attack in the early stages and immediately deployed measures in line with its incident response protocols.
Nordex Reporting on the Cyber Security Incident
Reporting on the cyber security incident, Nordex published a short statement outlining that “the intrusion was noted in an early stage and response measures initiated immediately in line with crisis management protocols.”
“The incident response team of internal and external security experts has been set up immediately in order to contain the issue and prevent further propagation and to assess the extent of potential exposure.”
Possible Ransomware Attack
The organisation didn’t provide any further information on the type of cyber attack it fell victim to, but shutting down systems may lean towards an indicator of a ransomware attack.
The system shutdown could have an impact on their customers, employees, and stakeholders but they have promised to deliver updates on the impact as more information becomes available.
Nordex, which reported over €5.4 billion in sales in 2021, has over 8,600 employees and a manufacturing network in multiple locations including Germany, Spain, the USA, Brazil, India and Mexico.
Vestas Ransomware Attack
This is not the first time a wind turbine manufacturer has been hit by malicious actors.
In November of last year, Vestas Wind Systems discovered a cyber security incident in which malicious actors hacked the organisation's systems and leaked stolen sensitive data.
Vestas has noted that the investigations into the attack are still ongoing and they have not discovered any indication that the event has impacted their supply chain or their current customers.
Henrik Andersen, President and Chief Executive Officer of Vestas, stated that “On 19 November Vestas discovered an attack from a threat actor, which we are pleased to say failed in their attempt to extort Vestas.
Our resilience in such a difficult situation is strengthened by the support we have received from our customers, employees, suppliers, and other partners, and on behalf of Executive Management and the Board of Directors I want to thank everyone who has helped us get to the point we are now.
Unfortunately, the attackers did manage to steal data from Vestas, and that data has been illegally shared externally. To mitigate this situation, we are working hard to identify any leaked data and will collaborate with affected stakeholders and authorities”.
Like Nordex, the organisation had to shut down its IT systems across multiple business units and locations to stop the issue from spreading.
How Can We Help?
One of the best ways to reduce the likelihood of a successful cyber attack is through experience.
Secora offers a wide range of services that are tailored to your organisation's specific requirements:
- We can help you prepare for the worst-case scenario by simulating threats to your organisation.
- We can help improve your cyber security posture, reducing your exposure to a breach.
- We can simulate phishing campaigns to highlight cyber security awareness within your organisation and demonstrate how a breach may occur.
Partner with us today and our experienced penetration testing and cyber security consultants will go the extra mile to ensure your organisation stays secure during these testing times.
All of Secora Consulting's assessments are tailored to our client's needs.
Using our experience, we can help you determine which services are right for you.