In the latest cybersecurity incident, PSI Software, a provider of control systems for various critical infrastructure sectors, including energy and pipeline management, fell victim to a malicious attack. The attack, detected on February 15, prompted the company to take swift action, including shutting down its email system after detecting unusual activity on its network.
As a provider of essential control systems, PSI Software plays a crucial role in energy control, operational management, network utilization, and leak detection. The company, which operates a subsidiary in the U.S., relies on products from major enterprise vendors such as IBM, Microsoft, Oracle, and SAP.
Following the discovery of the attack, PSI Software promptly contacted German authorities and engaged external experts in response to their recommendations. The extent of the breach became apparent when it was revealed that over 36,000 files, totaling 88 GB, were allegedly stolen by the perpetrators, identified as the ransomware-as-a-service operation known as Hunters International.
This incident comes at a time of heightened concern over cybersecurity threats targeting critical infrastructure. Federal cyber officials have issued multiple warnings about state-linked threat actors, particularly those associated with China, prepositioning themselves within critical infrastructure systems. These warnings underscore the persistent threat posed by state-sponsored actors, with some intrusions dating back to 2019.