Hackers attacking energy transition

Germany's Federal Economics Minister Robert Habeck has been a busy man since the Russian invasion of Ukraine. Hardly a day goes by without him being on the road to reduce Germany's dependence on Russian raw materials. At the beginning of the week, for example, he announced that Germany meanwhile only gets 12 percent of its oil from Russia instead of 35 percent before. Actually, this was supposed to end completely by the end of the year at the latest, but now it could happen faster, possibly even within days, as Habeck announced during his trip to Poland this week. Gas supplies are also being reduced almost every week, although there is no end in sight.

This approach does not go down well with Russia - because the country is financing its war of aggression against Ukraine to a large extent from the proceeds of its commodity sales. Apparently, Putin is therefore counterattacking and targeting the German electricity supply.

Since the beginning of the war alone, there have been at least three large-scale cyberattacks on German wind industry companies. Enercon was the first to be hit. While experts initially assumed that the wind turbines were some kind of "collateral damage" in the course of an attack on a European satellite system, the whole thing now looks like a targeted attack. The intention is to hit German infrastructure in order to keep dependencies on raw material imports from Russia high.

Of course, there is no official proof of this, but media outlet Computerwoche e.g. sees a connection: "Although the attacks (as is so often the case) cannot be linked beyond doubt to Russia or the Russian government, the timing and the use of the Conti ransomware fuel the suspicion that criminal, pro-Russian hackers are increasingly targeting companies in the renewable energy sector in order to sabotage the exit from Russian oil and gas."

After Enercon needed weeks to get all its wind turbines - which, by the way, continued to produce electricity diligently in the meantime - back under control, the next German turbine manufacturer to be hit was Nordex. "On 31 March 2022 Nordex Group IT security detected that the company is subject to a cyber security incident. The intrusion was noted in an early stage and response measures initiated immediately in line with crisis management protocols. As a precautionary measure, the company decided to shut down IT systems across multiple locations and business units," the company announced on 2 April.

All companies should check the security of their IT systems, emphasises the US Department of Energy (Image: Pixabay)

Then, on 12 April, Deutsche Windtechnik became the victim of a cyberattack. "We were able to assess all IT systems in a secure environment and to identify and isolate the problems. The forensic analysis is completed and the result shows that this was a targeted professional cyber attack," the Bremen-based company announced on 22 April.

Its boss, Matthias Brandt, does not believe that these attacks will be the only ones. He told the Wall Street Journal: "We need high IT security standards. The crisis in Russia and Ukraine shows us that renewables will be replacing oil and gas in the future."

This would deprive Russia of its most important source of income. Cybersecurity experts working with Deutsche Windtechnik are still investigating whether Conti malware was used in the ransomware attack, but chats from Conti ransomware users that surfaced on the internet last month revealed links to Russian security services.

And Germany is not the only country facing attacks. Putin's public announcement to "retaliate" against the UK, whose government is particularly supportive of Ukraine, is the first indication that British companies may soon also be the focus of such attacks. Ultimately, the whole of Europe is affected, as almost all countries are currently trying to make themselves independent of Russian raw materials.

The U.S. is also aware of the threat from the grid: "Investing in cutting-edge cyber security technology keeps us at the forefront of global innovation and protects America’s power grid in the face of increasing cyber threats from abroad," U.S. Secretary of Energy Jennifer Granholm therefore emphasised earlier this week when her department awarded the allocation of $12 million for research to improve IT security in energy systems. "This funding will bolster our commitment to a secure and resilient clean energy future by fortifying American electricity systems and building a stronger grid."

Another step against Putin's war machine.