Cyber Attacks Target SAP Applications

Uploaded on 2021-04-14 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Production-Manufacturing

SAP  (Systems, Applications and Products) is one of the world’s leading producers of software for the management of business processes  across a wide range of industries. But their products are not immune from the cyber threats that impact all other IT systems. 
 
Indeed, what is particularly surprising is the speed with which the attackers are able to detect vulnerable SAP systems and the level of expertise they’ve shown in exploiting those vulnerabilities.  
 
Now, research carried out by the cyber security compliance experts at Onapsis  indicates that attackers may be better informed about an organisation’s SAP estate than some of the internal teams and, with the speed of the exploits, they may penetrate systems and hide their tracks before a response has been readied.
 
The new findings show that SAP clients have around three days to respond to vulnerabilities before they are at significant risk of being exploited by sophisticated threat actors.Tom Venables, practice director of application and cyber security at risk management company, Turnkey Consulting, provides the following advice: 

Restoring The Balance Between Defenders And Attackers

Companies running SAP need to check the current patch level of their SAP systems; are they up-to-date and how quickly could a patch be deployed to address a critical vulnerability? From the patching that Turnkey sees on a regular basis, an organisation may not know its systems were exposed.  This level of sophistication is not new in IT, but to see it applied so directly to SAP systems is key evidence that the SAP community needs to be on its toes to respond better (following the lead of other IT infrastructure, which has adapted to handle vulnerabilities quickly).

What Are The Risks?

Many of the vulnerabilities exploited are used to provide privileged access to the SAP systems; once that is achieved, there are a number of risks that could be realised by an experienced APT:
 
  •  Data exfiltration – some SAP systems store production recipes or other intellectual property (IP) that is of value to attackers.  Other data, such as customer specific information is valuable to competitors, or can be used to damage the organisation; fines and reputational loss alone can seriously harm companies.
  • Ransomware or hijack of systems – by taking control of databases or key storage, business systems can be held to ransom by APTs.
  • Fraud – with the degree of knowledge demonstrated by the Onapsis breach monitoring, the ability to leverage access to systems to commit fraud is clearly within the capability of attackers.
  • System downtime – with administrator privileges on the SAP estate, misconfiguration of the system, or deliberate attacks on key data can result in downtime of business critical systems. 

How can this Threat be Managed? 

Understanding your organisations exposure to vulnerabilities is the first step, running assessments can help to spot risks before they become issues and are exploited by attackers. Then, deploying patches in a timely fashion will help to ensure that systems are protected against the latest threats, so a good patch management process, or solution is essential.
 
Once that is done, monitoring and alerting on security events to know when a breach may have occurred and ensuring that a response plan is defined for such incidents, minimises the impact of an attack.
 
Onapsis:        Turnkey Consulting:       NHS Digital:   
 
 
You Might Also Read: 
 
Industrial Control System Security Is Overlooked:
 
 
 
« UK Cyber Security Council Officially Launched
Cyber Crime In 2021: How Hackers Are Evolving »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Infinigate UK

Infinigate UK

Infinigate is a value-added distributor of IT security solutions to protect and defend IT networks, servers, devices, data, applications, as well as the cloud.

Riverbed Technology

Riverbed Technology

The Riverbed Network and Application Performance Platform enables organizations to visualize, optimize, accelerate and remediate the performance of any network for any application.

Andrisoft

Andrisoft

Andrisoft develops WANGUARD, an anti-DDoS Software solution that monitors IP traffic using packet-based and flow-based Sensors, and protects networks

Zerto

Zerto

Zerto provides enterprise-class disaster recovery and business continuity software specifically for virtualized data centers and cloud environments.

Proact IT Group

Proact IT Group

Proact is Europe's leading independent data centre and Cloud services enabler. We deliver flexible, accessible and secure IT solutions and services.

Zeguro

Zeguro

Zeguro provides complete cybersecurity risk assessment, mitigation and insurance, allowing you to easily manage your cyber risk.

ThreatSwitch

ThreatSwitch

ThreatSwitch a software platform for cleared federal contractors to get and stay compliant with NISPOM and Conforming Change 2.

PrivacySavvy

PrivacySavvy

PrivacySavvy's mission is to provide you with all the information that you need to ensure that your internet privacy is intact, your devices are secure, and that any time you step online, you’re safe.

Swiss It Security Group

Swiss It Security Group

Swiss It Security Group offers clients complete IT security concepts based on innovative solutions and technology, with a focus on protection, detection and defence.

ShieldApps

ShieldApps

ShieldApps comprehensive suite of products is designed to protect your personal devices from privacy threats, including hacking attempts, online tracking, fingerprinting, phishing, malware, and more.

Institute for Pervasive Cybersecurity - Boise State University

Institute for Pervasive Cybersecurity - Boise State University

Boise State University’s Institute for Pervasive Cybersecurity is a leader of innovative cybersecurity research and advancement in Idaho and the region.

Spotit

Spotit

Spotit offers a wide-ranging portfolio of technologies and services, from consultancy, assessments and pentesting to the set up of completely new security and network infrastructures.

Web3fied

Web3fied

Web3fied is a seed stage company building the future of decentralized digital identity and credentials management.

Cyberguardians

Cyberguardians

Cyberguardians is a team of experienced cybersecurity experts and consultants who always believe in the value and a high level of cybersecurity services to clients.

Stratascale

Stratascale

Stratascale is a consultant, systems integrator, and technology advisor with expertise in Automation, Cloud Ascension, Cybersecurity, Data Intelligence, and Digital Experience solutions.

Togggle

Togggle

Togggle offers seamless identity verification solutions and distributed infrastructure, enabling organizations to combat fraud and ensure compliance with data protection regulations.