Nordex Hit by Cyberattack, Shuts Down IT Systems Across Global Operations German wind turbine manufacturer Nordex has taken its IT systems offline following a cyberattack detected on 31 March. The company swiftly assembled an incident response team comprising internal and external security experts to contain the breach, prevent further spread, and assess potential exposure. In a 2 April statement, Nordex confirmed the attack was identified early, prompting a precautionary shutdown of systems across multiple locations and business units. The disruption may impact customers, employees, and other stakeholders, though no additional details have been disclosed. The incident follows a pattern of cyber threats targeting the renewable energy sector. In November 2021, Danish turbine manufacturer Vestas suffered a ransomware attack by the Lockbit group, which later leaked stolen data on the dark web. Unlike politically motivated attacks, Lockbit has maintained an apolitical stance, stating its sole focus is financial gain. Meanwhile, Enercon experienced collateral damage in February 2022 when a cyberattack on European satellite systems linked to Russia’s invasion of Ukraine disabled remote monitoring for nearly 6,000 turbines (11GW capacity). Unlike Enercon’s case, it remains unclear whether Nordex’s breach was opportunistic or a targeted ransomware attack. The wind power industry has increasingly become a target for cyber threats, with the International Energy Agency (IEA) identifying such attacks as a major risk to renewable energy infrastructure. Insurers like GCube have also warned of rising cyber vulnerabilities, particularly during periods of operational disruption. As investigations into the Nordex incident continue, the broader sector faces growing pressure to bolster defenses against evolving cyber risks.

The wind turbine giant Nordex was recently targeted in a ransomware attack by the Conti ransomware group. The group targeted its IT systems and shut down remote access to the managed turbines. The Nordex immediately isolated the systems and contained the attack.