Vestas cyber attack ‘was ransomware’

1 December 2021

Since the cyber security incident was discovered on 19 November, Vestas and its external partners have been working to re-establish normal operations. On 29 November, having conducted ‘extensive investigations, forensics, restoration activities and hardening of its IT systems and IT infrastructure’ it was able to announce, in its second update, that almost all its systems were up and running.

Henrik Andersen, president and CEO, said “We have been through some tough days … and executive management and the directors are … very pleased that the incident did not impact wind turbine operations and almost all our IT systems are running again. There is still a lot of work ahead of us to and we must remain extremely diligent towards cyber threats.” 

Although Vestas says it is close to resuming normal operations, the work and the investigations are still ongoing. However, the company maintains that there is no indication that the event has impacted customer and supply chain operations, which is supported by the forensics investigation carried out with the assistance of third-party experts. The cyber incident, which its investigations indicate was ransomware, impacted Vestas’ internal systems and resulted in data being compromised. In its latest statement the company said that the extent to which data has been compromised is still being investigated, but for now it appears that the data relates primarily to Vestas’ internal matters.

Linkedin Linkedin   
Privacy Policy
We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.