Cyber Attacks Target SAP Applications

Uploaded on 2021-04-14 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Production-Manufacturing

SAP  (Systems, Applications and Products) is one of the world’s leading producers of software for the management of business processes  across a wide range of industries. But their products are not immune from the cyber threats that impact all other IT systems. 
 
Indeed, what is particularly surprising is the speed with which the attackers are able to detect vulnerable SAP systems and the level of expertise they’ve shown in exploiting those vulnerabilities.  
 
Now, research carried out by the cyber security compliance experts at Onapsis  indicates that attackers may be better informed about an organisation’s SAP estate than some of the internal teams and, with the speed of the exploits, they may penetrate systems and hide their tracks before a response has been readied.
 
The new findings show that SAP clients have around three days to respond to vulnerabilities before they are at significant risk of being exploited by sophisticated threat actors.Tom Venables, practice director of application and cyber security at risk management company, Turnkey Consulting, provides the following advice: 

Restoring The Balance Between Defenders And Attackers

Companies running SAP need to check the current patch level of their SAP systems; are they up-to-date and how quickly could a patch be deployed to address a critical vulnerability? From the patching that Turnkey sees on a regular basis, an organisation may not know its systems were exposed.  This level of sophistication is not new in IT, but to see it applied so directly to SAP systems is key evidence that the SAP community needs to be on its toes to respond better (following the lead of other IT infrastructure, which has adapted to handle vulnerabilities quickly).

What Are The Risks?

Many of the vulnerabilities exploited are used to provide privileged access to the SAP systems; once that is achieved, there are a number of risks that could be realised by an experienced APT:
 
  •  Data exfiltration – some SAP systems store production recipes or other intellectual property (IP) that is of value to attackers.  Other data, such as customer specific information is valuable to competitors, or can be used to damage the organisation; fines and reputational loss alone can seriously harm companies.
  • Ransomware or hijack of systems – by taking control of databases or key storage, business systems can be held to ransom by APTs.
  • Fraud – with the degree of knowledge demonstrated by the Onapsis breach monitoring, the ability to leverage access to systems to commit fraud is clearly within the capability of attackers.
  • System downtime – with administrator privileges on the SAP estate, misconfiguration of the system, or deliberate attacks on key data can result in downtime of business critical systems. 

How can this Threat be Managed? 

Understanding your organisations exposure to vulnerabilities is the first step, running assessments can help to spot risks before they become issues and are exploited by attackers. Then, deploying patches in a timely fashion will help to ensure that systems are protected against the latest threats, so a good patch management process, or solution is essential.
 
Once that is done, monitoring and alerting on security events to know when a breach may have occurred and ensuring that a response plan is defined for such incidents, minimises the impact of an attack.
 
Onapsis:        Turnkey Consulting:       NHS Digital:   
 
 
You Might Also Read: 
 
Industrial Control System Security Is Overlooked:
 
 
 
« UK Cyber Security Council Officially Launched
Cyber Crime In 2021: How Hackers Are Evolving »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Law Enforcement Cyber Center (LECC)

Law Enforcement Cyber Center (LECC)

LECC is designed to assist police, digital forensic investigators, detectives, and prosecutors who are investigating and preventing crimes that involve technology.

Brit

Brit

Brit PLC is a market-leading global specialty insurer and reinsurer, focused on underwriting complex risks including cyber, privacy and technology.

Cypress Semiconductor

Cypress Semiconductor

Cypress is a semiconductor design and manufacturing company providing embedded devices for secure IoT applications.

MetricStream

MetricStream

MetricStream provide integrated GRC solutions across business, IT, and security functions.

Jscrambler

Jscrambler

Jscrambler addresses all your JavaScript and Web application protection needs.

Mission Secure (MSi)

Mission Secure (MSi)

MSi is a specialized provider of next generation cyber defense solutions protecting control systems and critical physical assets in energy, transportation and defense.

SEWORKS

SEWORKS

SEWORKS provides offensive and defensive app security that ensures mobile and web apps are safe from dangerous hacking threats.

Gallarus Industry Solutions

Gallarus Industry Solutions

Gallarus leads innovation within industrial Manufacturing, Production and Management Systems, including Cyber Security solutions specifically developed to protect against the latest cyber criminality.

Bitfury Group

Bitfury Group

Bitfury Group is the largest full-service blockchain technology company in the world.

Blockchain Solutions

Blockchain Solutions

Blockchain Solutions Limited is a technological One Stop Solution provider, for Blockchain technology.

CyberMDX

CyberMDX

CyberMDX delivers proactive security built for hospital devices. 360° visibility, insight, and protection for all connected hospital technologies.

EasyDMARC

EasyDMARC

EasyDMARC deliver the most comprehensive product for anyone who strives to build the most secure possible defence system for their email ecosystem.

Synagex

Synagex

Synagex Modern IT is a simple IT and cybersecurity solution for businesses.

CorePLUS Technologies

CorePLUS Technologies

CorePlus solutions are designed to empower organizations with the tools they need to ensure the utmost protection for their assets, people, and information.

AccuKnox

AccuKnox

Our Cloud-Native Application Protection Platform (CNAPP) delivers uncompromising Zero Trust security, powered by kernel-level precision and AI-driven innovation, to protect your workloads.

Inception Cyber

Inception Cyber

Inception Cyber, the inventors of intent-based security, is leading the next generation of threat prevention for an increasingly AI-driven world.