April 25 – Since the start of the war in Ukraine, three different cyber attacks on European wind-energy companies have occurred. The attacks are believed to be geopolitically motivated. Affected businesses have not publicly attributed the hacks to a specific cyber criminal entity or nation.
Russia denies any involvement. Nonetheless, according to Christoph Zipf, a spokesperson for WindEurope, the attacks may be linked to supporters of Russia’s invasion of Ukraine.
Industrial security attacks
Serious cyber threats to industrial equipment do not occur frequently, although experts have recently suggested future potential for these types of threats. Several of the latest threats may have occurred on account of Conti malware.
Renewable energy and security
Renewable energy is growing in popularity. For example, by 2035, Germany intends to rely nearly entirely on renewable energy electricity. Higher IT security standards in relation to the renewable energy sector are needed, according to some within the field.
A cyber criminal capable of infecting the industrial equipment that controls wind turbines could theoretically manipulate the machines’ mechanisms in order to halt power production. In turn, this could disrupt wind-powered services to customers (in addition to limiting revenue for producers).
Avoid ransomware devastation
During one recent ransomware disruption, wind-turbine machines displayed code that looked like hieroglyphs. Shortly thereafter, company employees found an electronic note from hackers requesting contact. The company managed to resolve the majority of the issues without reaching out to the ransomware gang.
This organization managed to restore systems quickly, but not all organizations are so well-prepared or cyber-capable. Depending on the nature and quality of backups, it can take weeks to restore systems after a ransomware attack. Ensure that your organization leverages robust backup systems, enabling you to negate fallout from any ransomware incident.
For more information about ransomware threats, see Cybertalk.org’s past coverage. Lastly, to receive more cutting-edge cyber security news, best practices and analyses, please sign up for the CyberTalk.org newsletter.