Vestas confirms cyber security incident was ransomware attack

Operations now close to normal after investigations find breach mostly hit turbine manufacturer’s internal data

Vestas said it is now close to normal operations following the cyber attack

Danish manufacturer Vestas is still investigating the cyber security attack that hit its IT systems on 19 November, but wind turbine and supply chain operations have been unaffected, the company said earlier today.

Investigations revealed the company had been hit with a ransomware attack, which impacted its internal systems and resulted in data being compromised.

The incident caused the company to shut down IT systems “across multiple business units and locations” but it is now close to normal operations, having conducted extensive investigations, forensics, restoration activities and hardening of its IT systems and IT infrastructure. It says there is no indication the incident impacted customer and supply chain operations, which is supported by the forensics investigation carried out with the assistance of third-party experts.

While it appears the data breach mostly relates to Vestas’ internal matters, the extent to which data has been compromised is still being investigated, it added.

The wind power sector has long seen the potential for cyber disruption. 

An IEA report last year mentioned cyber attacks as one of the key threats to wind power and other renewable power sources, while insurer GCube warned of cyber threats becoming more prevalent during the Covid-19 pandemic.