Central Power Systems and Services: Targeted by Cybercriminals
Incident Date:
April 24, 2024
Overview
Title
Central Power Systems and Services: Targeted by Cybercriminals
Victim
Central Power Systems and Services
Attacker
Hunters International
Location
First Reported
April 24, 2024
Ransomware Attack on Central Power Systems and Services by Hunters International
Overview of the Attack
A prominent service provider in the power systems sector, Central Power Systems and Services, was recently targeted by a ransomware attack orchestrated by Hunters International. This cybercriminal group managed to exfiltrate approximately 1.3 terabytes of data, encompassing over 2 million files.
Company Profile
Central Power Systems and Services, headquartered in Liberty, Missouri, has been a significant player in the power systems industry since 1954. As the exclusive distributor for Allison Transmissions, Detroit Diesel, MTU, Doosan, and Liebherr in specific regions, the company boasts a robust portfolio and a substantial market presence. With annual revenues reaching $71 million in 2024, and a workforce of over 400 employees across 21 locations, the company is a critical node in the supply and maintenance of industrial and construction equipment.
Significance in the Industry
The company's unique position as the sole distributor for several major manufacturers in Kansas, Western Missouri, and Northern Oklahoma highlights its importance in the regional market. This exclusivity not only enhances their market influence but also increases their vulnerability as a significant target for cyber-attacks, given the critical nature of their service and distribution network.
Potential Vulnerabilities
The extensive data breach suggests potential vulnerabilities in the company’s cybersecurity measures. The nature of their business requires robust protection of sensitive data, including client information, proprietary business data, and supply chain logistics. The scale of the exfiltrated data indicates that these areas might have been compromised, making them a lucrative target for Hunters International, whose modus operandi includes extensive data theft for leverage in ransom negotiations.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.