German control systems provider PSI Software this week announced that its systems are still down following a ransomware attack earlier this month.
The incident was initially disclosed on February 15, when the company announced that it proactively disconnected its systems from the internet, to prevent data exfiltration.
On Monday, the company updated its initial notification to reveal that ransomware was involved in the cyberattack and that it has yet to restore its internal IT infrastructure.
“As a result, all external connections and systems were successively shut down still in the night. We also shut down PSI’s mail system in the night, so that no mails have been sent from PSI systems since then,” the company said.
PSI also noted that it is still investigating the attack vector and that it has found no evidence that PSI systems at customer sites have been affected.
“According to current knowledge, there was no access to remote connections for the maintenance of customer systems,” the company said.
According to PSI, its security team is still working on containing the incident and restoring the affected systems. The responsible authorities have been notified of the attack, the company also said.
Headquartered in Berlin, PSI Software provides control systems to major European energy suppliers. Its solutions cover control, monitoring, and optimization for electricity, gas, oil, heat, and water, including leak detection and location, network utilization, operational management, and pipeline management.
SecurityWeek has not observed any ransomware gang taking responsibility for the attack.
Related: Cactus Ransomware Group Confirms Hacking Schneider Electric
Related: Ransomware Group Takes Credit for LoanDepot, Prudential Financial Attacks
Related: Ransomware Attack Knocks 100 Romanian Hospitals Offline
