Central Power Systems and Services: Targeted by Cybercriminals

Incident Date:

April 24, 2024

World map

Overview

Title

Central Power Systems and Services: Targeted by Cybercriminals

Victim

Central Power Systems and Services

Attacker

Hunters International

Location

Liberty, USA

Missouri, USA

First Reported

April 24, 2024

Ransomware Attack on Central Power Systems and Services by Hunters International

Overview of the Attack

A prominent service provider in the power systems sector, Central Power Systems and Services, was recently targeted by a ransomware attack orchestrated by Hunters International. This cybercriminal group managed to exfiltrate approximately 1.3 terabytes of data, encompassing over 2 million files.

Company Profile

Central Power Systems and Services, headquartered in Liberty, Missouri, has been a significant player in the power systems industry since 1954. As the exclusive distributor for Allison Transmissions, Detroit Diesel, MTU, Doosan, and Liebherr in specific regions, the company boasts a robust portfolio and a substantial market presence. With annual revenues reaching $71 million in 2024, and a workforce of over 400 employees across 21 locations, the company is a critical node in the supply and maintenance of industrial and construction equipment.

Significance in the Industry

The company's unique position as the sole distributor for several major manufacturers in Kansas, Western Missouri, and Northern Oklahoma highlights its importance in the regional market. This exclusivity not only enhances their market influence but also increases their vulnerability as a significant target for cyber-attacks, given the critical nature of their service and distribution network.

Potential Vulnerabilities

The extensive data breach suggests potential vulnerabilities in the company’s cybersecurity measures. The nature of their business requires robust protection of sensitive data, including client information, proprietary business data, and supply chain logistics. The scale of the exfiltrated data indicates that these areas might have been compromised, making them a lucrative target for Hunters International, whose modus operandi includes extensive data theft for leverage in ransom negotiations.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.