NOW SAP AT HIGH RISK!

DailyPost 2766
The question arises: who is not at risk? Getting hacked is the new normal. The issue is not whether you will be hacked, but when. Resilience is the key, and the tech preparedness for it is the name of the game. Close on the heels of a variety of other vulnerabilities and hacks all around, the world’s most favourite ERP is now facing the hackers’ music. Sooner or later it was bound to happen, and now it is right here. SAP users are now at high risk as hackers exploit application vulnerabilities. Recent research highlights heightened threat-actor interest in SAP systems, “targeting poorly patched organizations.”

It is said that the targeting of SAP vulnerabilities is at its peak. The number of systems compromised in ransomware incidents has grown fivefold since 2021. This is the finding of joint research by Flashpoint and Onapsis. A whole load of ransomware gangs are successfully trying their luck with SAP. These include Conti, Quantum, LockBit, Blackcat, HIVE, REvil, and Netwalker. The story does not end here. A few of the attacks targeting SAP systems data have also been found to be part of state-sponsored campaigns. APT10, known to be associated with Chinese state backing, is one of the actors involved.

Amongst the many types of attacks, ransomware has emerged as the most preferred one. Though threat actors can have different motivations, most of them are “looking for profit out of the compromises.” The double extortion business model of ransomware has become the order of the day. The first source of profit is demanding a ransom and getting it. The second is auctioning off the exfiltrated data to the highest bidder. They can also end up advertising it to competitors. Because SAP is an ERP solution, hackers are able to exfiltrate business-sensitive data and, in many cases, impact the victims’ business operations.

Based on an analysis of ransomware attacks directly involving the compromise of SAP-based data, the researchers have concluded that there has been a 400% growth in the number of attacks since 2021. Conversations on the open, deep and dark web about SAP vulnerabilities and exploits increased by 490% between 2021 and 2023. The researchers have also found that the price of remote code execution (RCE) attacks on SAP applications increased by 400% between 2020 and 2023. Interestingly, Crowdfense’s recently updated price list of 8th April, 2024, highlights SAP RCE exploits for up to $250,000.

CYBER SECURITY HAS TO NECESSARILY BE MADE A MANDATORY DESIGN ELEMENT IN EVERY SINGLE SOFTWARE AND HARDWARE.
Sanjay Sahay

Have a nice evening.
