Cybercriminals take aim at ERP apps
Many enterprises rely on some sort of ERP application for their business operations and decision making. The vast majority of large organizations use ERP applications from leading vendors like SAP and Oracle.
New research from threat data and intelligence leader Flashpoint and ERP cybersecurity and compliance leader Onapsis reveals evidence that SAP business-critical applications are increasingly in the sights of and valuable for cybercriminals.
"This collaboration with Flashpoint provides a depth of threat intelligence that is critical for both security and SAP teams to understand," says Juan Pablo (JP) Perez-Etchegoyen, CTO at Onapsis. "By showing how these applications are being targeted and the increasing frequency, we hope to help CIOs, CISOs and their teams manage the risk of wide-scale attacks."
Since 2021, the research shows a 400 percent increase in ransomware incidents that involved compromising SAP systems and data at victim's organizations. The SAP threat landscape is seeing well-established, highly sophisticated threat actors and state-sponsored groups that are more aggressively targeting SAP applications for financial gain, espionage and sabotage.
Active discussions in cybercriminal forums about SAP-specific cloud and web services have increased 220 percent from 2021 to 2023. This exposes critical SAP applications to a broader audience of malicious threat actors and enables attackers to find SAP Applications over the internet.
Some companies though are falling behind when it comes to ERP cybersecurity due to the lack of information about threat actors in what was considered by many information security teams to be a complex and obscure domain.
"The growing focus on ERP applications by cybercriminals highlighted in this report reflects a critical evolution in the threat landscape. It's essential for organizations to integrate comprehensive threat intelligence into their security protocols to effectively counter these advanced threats," says Christian Rencken, senior strategic advisor at Flashpoint.
You can get the full report, and register for a webinar on the findings to be held on April 24th, on the Onapsis site.
Image credit: SergeyNivens/depositphotos.com