PSI Software SE, a German developer of software for complex manufacturing and logistics processes, has confirmed that the cyber incident it discovered last week was a ransomware attack that affected its internal infrastructure.
The company operates globally with more than 2,000 employees and specializes in software solutions for large energy suppliers.
It also offers “control system solutions for operational management, grid utilization, pipeline management, leak detection and location, portfolio management, energy trading and sales.”
PSI Software announced on February 15 that a cyberattack forced it to shut down several IT systems, including email, as a measure to mitigate the risk of data loss.
.png)
In an update yesterday, the company confirmed that the disruption was caused by ransomware actors targeting its systems. The company has yet to determine the exact vector of the intrusion.
“We detected unusual activity on our network during the night of February 15, 2024. As a result, all external connections and systems were shut down sequentially during the night” – PSI Software
PSI says that the investigation so far has not revealed any evidence that the attacker turned on the user’s systems.
Authorities have been notified of the incident, and experts from the Federal Information Security Office have been assisting PSI’s incident response and remediation efforts since February 16.
Update [12:14 EST]: The article has been updated because the cyberattack on PSI Software SE was incorrectly attributed to the Hunters International ransomware group.