Danish manufacturer Vestas is still investigating the cyber security attack that hit its IT systems on 19 November, but wind turbine and supply chain operations have been unaffected, the company said earlier today.
Investigations revealed the company had been hit with a ransomware attack, which impacted its internal systems and resulted in data being compromised.
The incident caused the company to shut down IT systems “across multiple business units and locations” but it is now close to normal operations, having conducted extensive investigations, forensics, restoration activities and hardening of its IT systems and IT infrastructure. It says there is no indication the incident impacted customer and supply chain operations, which is supported by the forensics investigation carried out with the assistance of third-party experts.
While it appears the data breach mostly relates to Vestas’ internal matters, the extent to which data has been compromised is still being investigated, it added.
The wind power sector has long seen the potential for cyber disruption.
An IEA report last year mentioned cyber attacks as one of the key threats to wind power and other renewable power sources, while insurer GCube warned of cyber threats becoming more prevalent during the Covid-19 pandemic.