February 24, 2022: German Wind Turbine Maker Enercon’s Services 90% Restored
German wind turbine maker, Enercon GmbH, is still restoring remote monitoring and maintenance capabilities for its turbines affected by a satellite outage at the end of February.
The company said over 90 percent of its 5,800 machines are online. The communication link has been restored for 1,156 wind parks in central Europe and service teams continue to work on the remaining 193 wind farms, the wind turbine manufacturer said Friday.
The remote monitoring and maintenance of the 5,800 machines with a combined output of more than 10 GW was affected by a satellite outage at Viasat on the same day as Russia invaded Ukraine. Viasat also had satellite operations going on in Ukraine and Enercon may have suffered as a part of being collateral damage in the attack.
March 31, 2022: German Wind Turbine Maker Hit in Cyberattack
A cyberattack shut down a German wind turbine maker’s IT systems across multiple locations and business units March 31.
Nordex designs, sells and manufactures wind turbines, reporting just over $5.9 billion in sales last year. The company has factories in Germany, China, Mexico, United States, Brazil, Spain and India.
“On 31 March 2022 Nordex Group IT security detected that the company is subject to a cyber security incident,” the company said in an advisory. “The intrusion was noted in an early stage and response measures initiated immediately in line with crisis management protocols. As a precautionary measure, the company decided to shut down IT systems across multiple locations and business units."
March 10, 2022: Auto Parts Supplier Suffers Ransomware Attack
Global automotive parts supplier Denso suffered a ransomware attack last week, company officials said.
The ransomware attack group was Pandora. Japan-based Denso officials said they detected unauthorized access using ransomware at Denso Automotive Deutschland GmbH, a group company that handles sales and engineering in Germany, on Thursday (March 10).
Denso “promptly responded,” spokeswoman Izumi Saito said Sunday in a published report. Eventhough the company is still reeling from the attack, it has not had an impact on operations, Saito said.
March 11, 2022: German Subsidiary Of Russia’s Rosneft Hacked
The German subsidiary of Russian energy giant Rosneft has been hit by a cyberattack, the Federal Office for Information Security (BSI) said Monday.
The hacker group Anonymous is claiming responsibility, according to a report from the French wire service, AFP. Rosneft Deutschland reported the incident in the early hours of Saturday morning, the BSI said.
Anonymous published a statement Friday claiming responsibility for the attack saying it had captured 20 terabytes of data. Prosecutors in Berlin have opened an investigation, according to a report in Der Spiegel magazine.
January 29, 2022: German Oil Tank Farm Shut Down
German tank logistics company Oiltanking fell victim to a cyber attack Saturday which shut down the loading and unloading of the company’s tank farms.
The company confirmed the attack to the publication “Handelsblatt” Monday. The attack also affected the mineral oil trader Mabanaft, like Oiltanking, a subsidiary of the Hamburg, Germany, group Marquard & Bahls.
An Oiltanking spokesperson said: “On Saturday 29 January 2022, Oiltanking GmbH Group and Mabanaft GmbH & Co. KG (Mabanaft) Group discovered we have been the victim of a cyber incident affecting our IT systems.
April 26, 2016: German Nuke Infected with Malware
A nuclear power plant in Germany suffered from an infection of computer viruses, but they appear not to have posed a threat to the facility’s operations, the station’s operator said April 26.
The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE.
The viruses, which include W32.Ramnit and Conficker, ended up discovered at Gundremmingen’s B unit in a computer system retrofitted in 2008 with data visualization software associated with equipment for moving nuclear fuel rods, RWE said. The operating system ended up saved because it was not connected to the Internet.
Malware was also on 18 removable data drives, mainly USB sticks, in office computers maintained separately from the plant’s operating systems. RWE said it increased cyber security measures as a result.
October 13, 2019: Ransomware Attack: Automation Supplier, Pilz, Down
Automation product supplier, Pilz, remains down after a week because of a ransomware attack.
Germany-based Pilz reached out to the prosecutor’s office and Federal Office for Security in Information Technology after suffering a targeted cyber-attack Oct. 13. Despite setting up an incident response team to locate the source of the attack and resolve the disruption, it warned that outages will continue for several more days.
January 1, 2014: German Steel Mill Cyber Attack
WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.
March 18, 2014: Cyber attack at German Steel Mill damages equipment
Attackers gained access to the company network using an advanced social engineering attack. They then worked their way onto the control system network. and caused an issue with the controls that placed the furnace into an undefined state causing a furnace to not be able to be shut down in the regular way. This resulted in massive damage to the entire system.
February 25, 2021: JFC International Ransomware Attack
JFC International (Europe) was recently subject to a ransomware attack that briefly disrupted its IT systems. A full forensic investigation by in- house specialists together with external cyber experts was immediately started and is underway.