Germany's energy future depends on wind – the wind energy sector is now not only the largest renewable energy source in the country, but is also becoming a lucrative target for cyberattacks. Operators of wind farms and wind turbines are caught between legal requirements and real threats. What steps should they take now? With this article, we kick off a three-part series for Cybersecurity Awareness Month 2025: the second article will focus on the EU AI Act, and the third will highlight the BSI IT Baseline Protection framework as a cornerstone of resilience.
Norderstedt, October 1, 2025 – Wind energy has become one of the central pillars of Germany's electricity supply: in 2024, renewable energies accounted for around 60 percent of electricity generation, with wind power accounting for almost a third of this. “The more important wind power becomes for security of supply, the more attractive it becomes for attackers,” says Leon von Sturm zu Vehlingen, Cyber Security Senior Consultant at Lufthansa Industry Solutions (LHIND).
Geopolitics as a risk driver
Since the start of Russia's war of aggression against Ukraine, hybrid threats have been on the rise. When the KA-SAT satellite network was affected by a Russian hacker attack in March 2022, remote access to thousands of wind turbines was lost, resulting in millions in damages. The fact that this was collateral damage once again highlights the vulnerability of the infrastructure of German wind farm operators. In the same year, Deutsche Windtechnik and wind turbine manufacturer Nordex reported further targeted attacks on critical parts of their infrastructure. Attacks on communications infrastructure and suppliers show that energy plants cannot be viewed in isolation. “Government and criminal actors are acting professionally, testing supply chains, remote access, and maintenance processes,” says von Sturm zu Vehlingen.
Open doors for hackers
Increasing digitalization is expanding the attack surface: turbines communicate with grid operators, regulators, and maintenance teams – sometimes via public or unsecured networks. Outdated software and poorly protected radio interfaces make it possible for control commands to be transmitted, up to and including a shutdown. A targeted attack can cause massive disruptions in grid operation.
Regulation increases the pressure to act
With NIS2 and the new KRITIS umbrella law, expectations are rising: systematic risk and business continuity management, strong access controls with multi-factor authentication, regular penetration tests, and rapid reporting of significant incidents within 24 hours are required. “The requirements of NIS2 and the KRITIS umbrella law are a necessary foundation for the resilience of our energy system,” says von Sturm zu Vehlingen.
What companies should do now
In Germany, wind power is part of critical infrastructure — its digital security is a strategic imperative. Operators should invest in secure communication technologies, harden systems, clarify responsibilities, and raise awareness among employees. “Anyone who takes the importance of wind power seriously must also take its digital security seriously. The need for action is enormous,” says von Sturm zu Vehlingen.