Wind turbine giant Vestas' data compromised in cyberattack - BleepingComputer
2021-11-22 10:25 (EST) - Bill Toulas
Vestas Wind Systems, a leader in wind turbine manufacturing, has shut down its IT systems after suffering a cyberattack.
Vestas is a leading North American manufacturer, installer, and servicing company for wind turbines, with 40,000 MW installed and 36,000+ MW under service in the U.S. and Canada.
The company states that they suffered an attack on Friday, November 19th, forcing them to shut down IT systems across multiple business units and locations to prevent the attack's spread.
As a result, customers, employees, and other stakeholders may be affected by this disruption, and some factories of Vestas were forced to slow down production.
In an update published today on the Vestas website, the firm explains that they are still working on re-establishing the integrity of its IT systems but hasn't provided any timeline for the recovery.
Vestas also confirmed that some data had been compromised, which means the hackers have managed to exfiltrate information from the accessed systems.
"The company's preliminary findings indicate that the incident has impacted parts of Vestas' internal IT infrastructure and that data has been compromised," Vesta disclosed in a new statement today. "At this stage, the work and investigation are still ongoing,"
In the same update, the firm has explained that the impact on manufacturing, construction, and service has been minimal.
While Vestas has not disclosed what type of cyberattack they suffered, the description describes what is likely a ransomware attack.
BleepingComputer has reached out to Vestas to ask for more details about the incident and whether the hackers are demanding a ransom, but we have not received a response yet.
ATTACKS ON CRITICAL INFRASTRUCTURE
Vestas employs 25,000 people and operates manufacturing plants in 16 countries, having an annual operating income of over a billion USD.
As countries accelerate the adoption of pollution-reduction policies and roll out renewable energy investment programs, Vestas has a crucial role in fulfilling such services.
As such, disrupting the manufacturing, installation, and servicing process could significantly impact the regions that rely on wind turbines as a power source.
Completing projects that are set to replace traditional forms of energy is critical now, as energy shortages resulting from carbon-plant shutdowns are pushing prices high.
Already, Vestas was among those struggling with supply chain issues and rising commodity prices, so this cyberattack comes at a particularly bad time.
Critical infrastructure has increasingly been suffering cyberattacks as ransomware gangs escalate their attacks for larger payouts.
Previous attacks on critical infrastructure include Ireland's Health Service Executive , meat producer JBS , and U.S. fuel pipeline Colonial Pipeline .