UPDATE 2 - Russia-backing Conti claims Nordex cyber attack

Author: Christoph Scholz.

April 18 (Renewables Now) - Conti, a ransomware group siding with Russia, last week said it was responsible for the cyberattack on Nordex SE (ETR:NDX1) at the end of March.

The German wind turbine maker was hit by a cyber security incident on March 31. It shut down IT systems across multiple locations and business units and took measures to contain the issue. In a recent update Nordex said the incident had been limited to the internal IT infrastructure and had not spread to any third-party assets.

According to the latest Crypto Crime Report, Conti was the biggest ransomware strain in 2021, in terms of revenue. It collected at least USD 180 million (EUR 165.5m) from victims. Conti operates using the ransomware-as-a-service (RaaS) model and mainly targets large companies.

When Russia invaded Ukraine, Conti declared full support for the Russian government. Soon after that a Ukrainian IT specialist leaked thousands of files, chat logs and data from Conti, including evidence suggesting that Conti operatives were in contact with the Russian government, including the main internal security service – the FSB.

According to a report by BleepingComputer, the ransomware group has not yet started leaking Nordex data.

Join Renewables Now's free daily newsletter now!

More stories to explore
Share this story
About the author
Browse all articles from Tsvetomira Tsanova

Tsvet has been following the development of the global renewable energy industry for almost nine years. She's got a soft spot for emerging markets.

More articles by the author
5 / 5 free articles left this month
Get 5 more for free Sign up for Basic subscription
Get full access Sign up for Premium subscription