Vestas Wind Systems, one of the world's largest makers of wind turbines, today confirmed company data has been compromised in a "cyber security incident" that forced the firm to isolate parts of its IT infrastructure.
The alarm bells rang on Saturday when Vestas admitted: "To contain the issue, IT systems are shut down across multiple business units and locations."
It has pulled in external help to get on top of things.
In the latest update, Vestas – which designs, makes, installs and services wind turbines – said that according to preliminary findings, the incident "impacted all parts of Vestas' internal IT infrastructure and that data has been compromised."
Investigations continue, it added, but at this stage there is "no indication" that third-party operations, including customer and supply chain, were caught up.
"Vestas' manufacturing, construction and services teams have been able to continue operations, although several operational IT systems have been shut down as a precaution. Vestas has already initiated a gradual and controlled reopening of all IT systems," it said a statement.
- Boat biz breaches itself: Brittany Ferries 'fesses up to leaks caused by routine website update
- Shotgun targeting of malware attacks will be the defining infosec theme of 2022, reckons Sophos
- Labour Party supplier ransomware attack: Who holds ex-members' data and on what legal basis?
- REvil gang member identified living luxury lifestyle in Russia, says German media
The attack bears the hallmarks of ransomware, but a spokesperson at the Vestas refused to be drawn on the specific nature of the attack at this stage.
"One of the key priorities is to keep stakeholders well informed without releasing information that could compromise the handling of the situation," he told The Register, refusing to confirm or deny whether a ransom was under demand.
Vestas, which employs 29,000 people globally, says it has installed more than 145GW of wind turbines in 85 countries, and that its sustainable energy solutions have prevented 1.5 billion tonnes of CO2 from being released into the atmosphere.
Ransomware attacks have proliferated in recent years, with other critical infrastructure also popping up on the radar of criminals, including Colonial Pipeline. As yet, none of the major ransomware gangs have admitted being behind the Vestas incident. ®