EDP faces $11m ransomware demand after 'potentially catastrophic' cyberattack
Portuguese utility and owner of wind power giant EDPR owner reportedly subject of security breach this week
European utility giant EDP has been hit by a cyberattack and is facing a €10m ($11m) ransomware demand, according to multiple reports in the Portuguese media.
Portugal-based EDP – majority-owner of EDPR, one of the world’s largest wind power operators – was the subject of the cybersecurity breach on Monday, according to local reports and coverage in specialist IT publications.
The utility is said to have fallen victim to a ‘Ragnar Locker’ ransomware attack on Monday this week, with criminals gaining access to systems and demanding payment within 20 days to prevent release of information.
EDP, Portugal’s largest utility, owns most of EDPR, which operates more than 11GW of renewables capacity globally and is one of the biggest players in US onshore wind.
Commenting on this, Sam Curry, chief security officer at Cybereason, said: “While details were scant ... [that] any successful breach, such as the one being reported against EDP, no matter the size and scope, have potentially catastrophic consequences if not contained.
“Having backups of their files and resuming regular business operations is low on their priority list during the first 24-48 hours of incident response measures.”