PSI Software SE Confirms Ransomware Disruption

PSI Software SE, a German developer of software for intricate manufacturing and logistics processes, confirmed it fell victim to a cyberattack involving ransomware, which compromised its internal infrastructure.

Operating globally with a workforce exceeding 2,000 employees, the company is renowned for crafting software solutions for major energy suppliers. It also offers a suite of services for the management and maintenance of existing energy infrastructure, portfolio management, and the marketing and distribution of energy resources.

CVE-2024-21410

On February 15th, PSI Software announced the cyberattack prominently on the homepage of its website, temporarily concealing the rest of its content. The assault necessitated the shutdown of several IT systems, including email, to mitigate the risk of data loss.

In a subsequent update, PSI Software confirmed that the disruption was caused by cybercriminals employing ransomware. The company has yet to ascertain the exact method of the perpetrators’ ingress.

“PSI Software SE discovered on February 15, 2024 that there had been a cyberattack on PSI’s IT systems. In response, the company has proactively disconnected the systems from the Internet to prevent data breaches and data corruption,” PSI Software reported.

To date, there is no evidence to suggest that the attacker accessed client systems, though the investigation is ongoing.

The company has not provided information regarding the current operational status of client systems. It is conceivable that PSI Software’s client operations are also suspended indefinitely, a situation of particular concern in the energy sector.

Authorities have been informed of the incident, and experts from the Federal Office for Information Security are actively assisting the company in minimizing the consequences of the incident.

The functionality of all systems will be restored as swiftly and securely as possible.