US renewable energy giant refuses to pay hackers ransom

Wind farm developer Invenergy was reportedly hacked and threatened with the release of personal details of its CEO by a notorious ransomware gang over the weekend.

The US clean energy firm does not intend to pay any ransom after discovering unauthorised breaches on some of its information systems, according to the Financial Times.

Operations at its 12.2GW operational wind fleet were not impacted during the hack.

Russian-linked REvil claimed it had downloaded 4 terabytes of data including information on projects and contracts and personal information about CEO Michael Polsky.

This – the FT reported – included the chief executive’s personal emails and photographs and details about his divorce from his first wife, according to a post on the hacking cartel’s dark web blog.

Last year, insurance firm GCube warned that renewable energy asset owners relying more heavily on digital systems during the coronavirus pandemic face an increased threat from ransomware or denial-of-service attacks.

REvil’s victims in recent months have included Taiwanese Apple supplier Quanta and US meat-packer JBS.

Windpower Monthly has contacted Invenergy for comment.