A cyber attack forced the wind turbine manufacturer Nordex Group to shut down some of IT systems

Pierluigi Paganini April 06, 2022

Nordex Group, one of the largest manufacturers of wind turbines, was hit by a cyberattack that forced the company to shut down part of its infrastructure.

Nordex Group, one of the world’s largest manufacturers of wind turbines, was the victim of a cyberattack that forced the company to take down multiple systems.

The attack was uncovered on March 31 and the company immediately started its incident response procedure to contain the attack.

Nordex Group shut down “IT systems across multiple locations and business units” as a precautionary measure to prevent the threat from spreading across its networks.

“On 31 March 2022 Nordex Group IT security detected that the company is subject to a cyber security incident. The intrusion was noted in an early stage and response measures initiated immediately in line with crisis management protocols. As a precautionary measure, the company decided to shut down IT systems across multiple locations and business units.” reads the announcement published by the company. “The incident response team of internal and external security experts has been set up immediately in order to contain the issue and prevent further propagation and to assess the extent of potential exposure.”

Nordex did not disclose technical details of the cyberattack, but the fact that it was forced to shut down part of its IT infrastructure suggests that it fell victim to a ransomware attack.

According to the press release, customers, employees, and other stakeholders may be affected by the shutdown of the company’s systems.

Nordex did not disclose technical details of the cyberattack, but the fact that it was forced to shut down part of its IT infrastructure suggests that it felt victim to a ransomware attack.

In November another manufacturer of wind turbines was hit by a cyber attack, it was the Danish wind turbine giant Vestas Wind Systems. The company was hit by the Lockbit 2.0 ransomware gang than published stolen data in December after the negotiation for the ransomware payment failed.

Please vote Security Affairs as best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: https://forms.gle/4D4PygUVcNxFQ6iFA

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Nordex Group)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini July 11, 2025

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

Pierluigi Paganini July 10, 2025