PSI Software SE critical infrastructure vendor reports ransomware attack

PSI Software SE, a prominent German developer of software for production and logistics processes, has acknowledged a ransomware attack on its internal infrastructure. PSI Software offers specialized software solutions to major energy suppliers, including control system solutions for various operational and management processes like network utilization, pipeline management, leak detection, energy trading, and sales.

The cyber incident, initially disclosed by the company on February 15th, 2024, has considerably affected its operations. The ransomware attack led PSI Software to disconnect several IT systems, its email service and to shut down all external connections and systems as a precautionary step to prevent further data loss. PSI Software has reported no evidence suggesting that the ransomware extended to customer systems.

No details are disclosed about any data or systems impacted by the attack. The initial reports mistakenly attributed the attack to the Hunters International ransomware gang. However, it has been suggested that Qilin, a different cyber threat actor, may be responsible.

The company is working closely with authorities and experts from the Federal Office for Information Security to support their incident response and remediation efforts.