UPDATE 2 - Russia-backing Conti claims Nordex cyber attack

Conti, a ransomware group siding with Russia, last week said it was responsible for the cyberattack on Nordex SE (ETR:NDX1) at the end of March.

The German wind turbine maker was hit by a cyber security incident on March 31. It shut down IT systems across multiple locations and business units and took measures to contain the issue. In a recent update Nordex said the incident had been limited to the internal IT infrastructure and had not spread to any third-party assets.

According to the latest Crypto Crime Report, Conti was the biggest ransomware strain in 2021, in terms of revenue. It collected at least USD 180 million (EUR 165.5m) from victims. Conti operates using the ransomware-as-a-service (RaaS) model and mainly targets large companies.

When Russia invaded Ukraine, Conti declared full support for the Russian government. Soon after that a Ukrainian IT specialist leaked thousands of files, chat logs and data from Conti, including evidence suggesting that Conti operatives were in contact with the Russian government, including the main internal security service – the FSB.

According to a report by BleepingComputer, the ransomware group has not yet started leaking Nordex data.

Choose your newsletter by Renewables Now. Join for free!