PSI, Control Systems Firm, Faces Uphill Battle in Ransomware Attack Recovery


German control systems provider PSI Software continues to grapple with the aftermath of a ransomware attack that occurred earlier this month, leaving its systems offline. The company first disclosed the incident on February 15, announcing a proactive disconnection from the internet to mitigate data exfiltration risks.

In a recent update, PSI confirmed the involvement of ransomware in the cyberattack and disclosed ongoing difficulties in restoring its internal IT infrastructure. As a precautionary measure, all external connections and systems were promptly shut down to contain the threat. Additionally, PSI's mail system was deactivated to prevent unauthorized communication.

The company emphasized its commitment to investigating the attack vector while assuring customers that no evidence suggests the compromise of PSI systems at customer sites. PSI clarified that there was no unauthorized access to remote connections for maintaining customer systems.

PSI's security team remains actively engaged in containing the incident and restoring affected systems. Authorities have been notified of the attack, indicating the seriousness of the situation and the company's dedication to transparency and compliance.

Headquartered in Berlin, PSI Software serves as a critical provider of control systems for major European energy suppliers. Their solutions encompass a wide range of functionalities, including control, monitoring, and optimization for various energy sources such as electricity, gas, oil, heat, and water. Key features include leak detection, network utilization, operational management, and pipeline management.

The attack underscores the growing threat landscape facing organizations, particularly those in critical infrastructure sectors. PSI's diligent response and ongoing efforts to mitigate the impact of the cyberattack highlight the importance of robust cybersecurity measures in safeguarding sensitive systems and data.