While Russia consistently denies any launching of cyberattacks, attack details point to reasonable intent by and cybercriminal ties to the Russian government.
When you see one German-based wind energy company attacked with ransomware, you may just chalk it up to either an opportunistic attack or to a cybercriminal group focusing on companies they think have monies to pay a ransom. But when three wind energy companies in Germany are targeted in a short period of time, you begin to wonder why.
Could it be that Germany has publicly announced plans to move away from their reliance on Russian oil and gas, and move towards renewable energy sources (which includes wind) by 2035, starting this year?
The current thinking is that these attacks are all Conti ransomware, which has been shown via leaked chats from the dark web to have ties to Russian security services. So it stands to reason that these attacks may very well be prime examples of cyberattacks on those countries that do not support or pose a threat to Russia.
The White House has already warned U.S. businesses and government organizations to prepare for possible cyberattacks from Russia-aligned cybercriminal groups back in March – the attacks in Germany may be a precursor of what’s to come on this side of the Atlantic Ocean. Organizations need to shore up their cybersecurity defenses, looking at propping up a layered defense that addresses the attack vectors used by today’s attacks – which includes phishing, requiring the use of Security Awareness Training to aid in reducing your user’s unwitting participation in attacks that use social engineering.