German wind turbine giant Deutsche Windtechnik has issued a notification to warn that some of its IT systems were impacted in a targeted professional cyberattack earlier this month.
The incident, which the company says occured on April 11, forced incident responders to switch off the remote data monitoring connections to the wind turbines for security reasons. Deutsche Windtechnik says it reactivated the connections two days later.
“We are very happy that the wind turbines that we look after did not suffer any damage and were never in danger,” the company said in a statement.
Deutsche Windtechnik also announced that it managed to resume client operational maintenance activities on April 14, with only minor restrictions.
The company says all of its IT systems were assessed in a secure environment and the issues were identified and isolated. Furthermore, the wind turbine giant has increased the security of its systems following the incident.
“The forensic analysis has been completed and the result has shown that this was a targeted professional cyberattack,” Deutsche Windtechnik said. The company says it still hasn’t fully restored its systems.
While Deutsche Windtechnik did not say what type of cyberattack it fell victim to, there is a high probability that ransomware might have been involved, although no known ransomware groups have claimed the attack yet.
According to The Wall Street Journal, Deutsche Windtechnik, which lost control of roughly 2,000 turbines during the attack, indeed fell victim to ransomware, but was able to restore its systems without having to contact the attackers.
Additionally, the attack on Deutsche Windtechnik happened shortly after wind turbine maker Nordex SE fell victim to the Conti ransomware criminal gang. In early March, wind turbine manufacturer Enercon GmbH lost remote connection to roughly 5,800 turbines after Viasat’s satellite network was hacked.