SAP, one of the world's most widely used ERP systems, is now at a heightened risk of cyberattacks, as recent research indicates a sharp increase in the exploitation of SAP application vulnerabilities by hackers. The report, conducted by Flashpoint and Onapsis, reveals alarming trends, including a fivefold increase in ransomware incidents targeting SAP systems since 2021.
These attacks are primarily driven by the vulnerabilities in SAP systems that have not been properly patched, making them easy targets for cybercriminals. A variety of ransomware gangs, including notorious names like Conti, Quantum, LockBit, Blackcat, HIVE, REvil, and Netwalker, are actively exploiting these weaknesses, leading to significant breaches that compromise sensitive business data and disrupt operations.
What's particularly concerning is the emergence of state-sponsored attacks targeting SAP systems. For instance, APT10, a group linked to Chinese state interests, has been associated with such campaigns, indicating that the threats are not just financially motivated but also politically driven.
Ransomware has become the attack method of choice, with threat actors employing a double extortion strategy. After infiltrating and encrypting a company's data, they demand ransom for its release. If the ransom is not paid, the stolen data is either auctioned off to the highest bidder, sold to competitors, or publicly leaked, causing further damage to the victim's business and reputation.
The research highlights a staggering 400% increase in attacks directly compromising SAP-based data since 2021. Conversations about SAP vulnerabilities on the open, deep, and dark web have surged by 490% between 2021 and 2023, reflecting the growing interest and activity among hackers. The price for remote code execution (RCE) exploits targeting SAP applications has also skyrocketed, with some listed for as much as $250,000, according to CrowdFence's updated price list from April 2024.
The message is clear: SAP users are now at high risk, and the question is not if but when an organization will be targeted. In this environment, resilience and preparedness are crucial. Organizations using SAP must prioritize timely patching of vulnerabilities, strengthen their cybersecurity defenses, and be ready to respond quickly to potential breaches. As the cyber threat landscape continues to evolve, the need for robust security measures and proactive risk management has never been more critical.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
