German wind turbine manufacturers Nordex and Enercon, as well as wind farm maintenance company Deutsche Windtechnik, all reported hacks in their company statements since the Ukraine war began. The first cyberattack on Enercon occurred on Feb. 24, the day Russia invaded Ukraine, and the following two cyberattacks on Nordex and Deutsche Windtechnik were identified on April 2 and April 11, respectively, as the war dragged on. 

No group or government has claimed responsibility for all three, but the timing of the attacks suggests potential links to supporters of Russia’s invasion of Ukraine. 

Criminal investigations have been launched regarding all three companies, but until more is known, neither analysts nor industry groups can claim the rising number of cyberattacks on German energy companies is associated with Russia’s war on Ukraine. But as Germany tries to wean itself off its reliance on Russian oil and gas, some analysts think that hackers sympathetic to Russia may be trying to cause chaos in the sector, which would threaten Russia’s geopolitical leverage.

“There is of course this element…of correlation,” Christoph Zipf, a spokesman for industry group WindEurope, told Fortune. 

Europe blocks gas

Russia’s oil and gas revenue last year brought in $119 billion to the Kremlin, helping fund the country’s military expenditures of roughly $62 billion per year, according to the London School of Economics. 

Europe is Russia’s biggest buyer, having imported 27% of its oil from the country before the war broke out. But since Russia invaded Ukraine, Europe has been trying to reduce its dependency on the country’s energy, with plans to slash its Russian gas imports by two-thirds within a year and implement “smart sanctions” with “some form of oil embargo,” the Times reported.  

So far Europe has avoided sanctioning oil—unlike the U.S., the U.K., and Canada, which have all banned the import of Russian energy—fearing the effect it will have on its economy and inflation. 

Germany, Europe’s biggest economy and largest energy consumer, previously rejected EU-wide sanctions on Russian fuel, arguing that cutting off this resource would damage the German economy. Five German economic institutes said the country would lose €220 billion ($238 billion) in economic output over the next two years if Russian natural gas is shut off.

But Germany has committed to electrifying its entire economy by 2035, updating the previous target of 2040, and to increasing the rollout of wind and solar energy across the country. And as Germany cuts its reliance on Russian natural gas imports, Russia’s main geopolitical leverage is threatened. 

A timeline of the cyberattacks

Enercon was the first German wind turbine manufacturer to be attacked. On Feb. 24, communication services via satellites went down “at almost exactly the same time that Russian troops invaded Ukraine,” the company said in a statement.

Around 5,800 Enercon turbines in central Europe with a total installed power of more than 10 gigawatts—enough energy to power 7.5 million homes—lost connection with satellites. 

“The incident is suspected to have happened in connection with the Russian war of aggression, the disruption of the communication to the [wind energy converters] is collateral damage,” the company said in a statement.

On April 2, Nordex said it discovered a security incident from March 31 that forced it to shut down its information technology system. Conti, a ransomware group that has declared support for the Russian government, claimed responsibility for the attack.

The last incident involved wind farm maintenance company Deutsche Windtechnik, which said on April 22 that an attack on its internal IT systems was made during the night of April 11.

“We need high IT security standards,” Matthias Brandt, director of Deutsche Windtechnik, told the Wall Street Journal in response to the growing attractiveness of the renewable-energy sector for cyberattacks.

“The crisis in Russia and Ukraine shows us that renewables are replacing oil and gas in the future,” he said.