Cyber Attacks Target SAP Applications

SAP  (Systems, Applications and Products) is one of the world’s leading producers of software for the management of business processes  across a wide range of industries. But their products are not immune from the cyber threats that impact all other IT systems. 
 
Indeed, what is particularly surprising is the speed with which the attackers are able to detect vulnerable SAP systems and the level of expertise they’ve shown in exploiting those vulnerabilities.  
 
Now, research carried out by the cyber security compliance experts at Onapsis  indicates that attackers may be better informed about an organisation’s SAP estate than some of the internal teams and, with the speed of the exploits, they may penetrate systems and hide their tracks before a response has been readied.
 
The new findings show that SAP clients have around three days to respond to vulnerabilities before they are at significant risk of being exploited by sophisticated threat actors.Tom Venables, practice director of application and cyber security at risk management company, Turnkey Consulting, provides the following advice: 

Restoring The Balance Between Defenders And Attackers

Companies running SAP need to check the current patch level of their SAP systems; are they up-to-date and how quickly could a patch be deployed to address a critical vulnerability? From the patching that Turnkey sees on a regular basis, an organisation may not know its systems were exposed.  This level of sophistication is not new in IT, but to see it applied so directly to SAP systems is key evidence that the SAP community needs to be on its toes to respond better (following the lead of other IT infrastructure, which has adapted to handle vulnerabilities quickly).

What Are The Risks?

Many of the vulnerabilities exploited are used to provide privileged access to the SAP systems; once that is achieved, there are a number of risks that could be realised by an experienced APT:
 
  •  Data exfiltration – some SAP systems store production recipes or other intellectual property (IP) that is of value to attackers.  Other data, such as customer specific information is valuable to competitors, or can be used to damage the organisation; fines and reputational loss alone can seriously harm companies.
  • Ransomware or hijack of systems – by taking control of databases or key storage, business systems can be held to ransom by APTs.
  • Fraud – with the degree of knowledge demonstrated by the Onapsis breach monitoring, the ability to leverage access to systems to commit fraud is clearly within the capability of attackers.
  • System downtime – with administrator privileges on the SAP estate, misconfiguration of the system, or deliberate attacks on key data can result in downtime of business critical systems. 

How can this Threat be Managed? 

Understanding your organisations exposure to vulnerabilities is the first step, running assessments can help to spot risks before they become issues and are exploited by attackers. Then, deploying patches in a timely fashion will help to ensure that systems are protected against the latest threats, so a good patch management process, or solution is essential.
 
Once that is done, monitoring and alerting on security events to know when a breach may have occurred and ensuring that a response plan is defined for such incidents, minimises the impact of an attack.
 
Onapsis:        Turnkey Consulting:       NHS Digital:   
 
 
You Might Also Read: 
 
Industrial Control System Security Is Overlooked:
 
 
 
« UK Cyber Security Council Officially Launched
Cyber Crime In 2021: How Hackers Are Evolving »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

City Security Magazine

City Security Magazine

City Security magazine helps promote best security practices and keep businesses informed on a wide variety of security-related issues.

TEISS

TEISS

Teiss.co.uk is a website dedicated to providing information about cyber security. TEISS also provide a series of conferences and events focused on cyber security.

ESNC

ESNC

ESNC’s vulnerability management and real-time SAP security monitoring solutions help largest corporations in the world to effectively prioritize SAP security tasks and secure their business.

Trustelem

Trustelem

Trustelem offers European and global companies a ready-to-use access management service that respects the principles of sovereignty, territoriality and privacy.

EU Joint Research Centre

EU Joint Research Centre

JRC is the European Commission's science and knowledge service which employs scientists to carry out research in order to provide independent scientific advice and support to EU policy.

OpSec Security

OpSec Security

OpSec Online is the only brand protection solution that spans all channels so your brands are protected no matter what digital venue the criminals target.

Cylera

Cylera

Cylera is a Healthcare IoT cybersecurity and intelligence company built in close partnership with healthcare providers.

Beauceron Security

Beauceron Security

Beauceron's cloud-based platform gives employees a powerful personal cyber-risk coach empowering them to improve their cybersecurity practices and behaviours.

Liquid Intelligent Technologies

Liquid Intelligent Technologies

Liquid Intelligent Technologies is a leading communications solutions provider across Africa, providing reliable connectivity, hosting, co-location, and digital services including cyber security.

FYEO

FYEO

FYEO is a threat monitoring and identity access management platform for consumers, enterprises and SMBs.

Verica

Verica

Verica uses chaos engineering to make systems more secure and less vulnerable to costly incidents.

Gulf Business Machines (GBM)

Gulf Business Machines (GBM)

GBM is a leading end-to-end digital solutions provider, offering the broadest portfolio, including industry-leading digital infrastructure, digital business solutions, security and services.

Lightpoint Global

Lightpoint Global

Lightpoint Global is a bespoke software development company. We also provide a spectrum of services such as IT consulting, business analysis, QA and testing, and DevOps services.

CIP Cyber

CIP Cyber

CIP Cyber is an online learning community with a mission of connecting, training, and certifying cybersecurity professionals to protect critical infrastructure.

Capzul

Capzul

Capzul are transforming the network security landscape with a new approach; creating virtually impenetrable networks, precluding cybercriminal attacks on your network ecosystem.