ERP Threat Report
A recent study by Flashpoint and Onapsis found that mission-critical SAP applications are increasingly becoming the focus of cybercriminals. The report shows a significant increase in the number of threat actors targeting SAP vulnerabilities and provides valuable information to help organizations protect their mission-critical SAP applications from these threats. The Onapsis Research Labs report highlights the evolution of the SAP threat landscape over the past four years. It shows the growing maturity of this cybercriminal market and the challenges facing defenders.
2023 was a critical point: cyberattacks on SAP applications reached a new high, and interest from established threat actors and state-sponsored cyberespionage groups increased significantly. However, all of the SAP vulnerabilities identified in the report were patched by SAP several years ago. In addition, the ERP company immediately issued security advisories to its customers. Nevertheless, the high level of cyber activity indicates that threat actors are still targeting companies with weak SAP cybersecurity governance. The problem is exacerbated as more customers migrate SAP applications to the cloud. This increases their exposure to threats. Research from Onapsis and Flashpoint shows that established professional threat actors and state-sponsored groups are targeting SAP applications more aggressively. Their goal is espionage, sabotage, or financial gain. Since 2021, research has shown a 400 percent increase in ransomware incidents compromising SAP systems and data at victim companies. As demonstrated by Onapsis Research Labs and CISA, the U.S. federal agency for cybersecurity and infrastructure security, ransomware campaigns are exploiting unpatched SAP vulnerabilities.
Cybercrime is on the rise
Some companies are falling behind when it comes to ERP cybersecurity. There is often a lack of information about threat actors in this area, which many information security teams perceive as complex and opaque. That's why SAP and Onapsis have been proactively warning users for years about the increased risk of malicious cyber activity and ransomware threats specifically targeting SAP applications. Organizations need to act and protect themselves.
Some companies are falling behind when it comes to ERP cyber security. There is often a lack of information about threat actors in this area, which many information security teams perceive as complex and opaque. That's why SAP and Onapsis have been proactively warning about the increased risk of malicious cyber activity and ransomware threats specifically targeting SAP applications for years. Companies need to act and protect themselves.
"Threat actors are constantly evolving their tactics and targets to maximize their profits. With the type of data that ERP applications contain, it is no surprise that we have uncovered clear evidence and trends of increasing momentum in online forums and channels. This should be a wake-up call for all of us, not just in the threat intelligence space, but in cybersecurity as a whole," said Christian Rencken, Senior Strategic Advisor at Flashpoint.
"Working with Flashpoint provides a wealth of threat intelligence that is important to both security and SAP teams," said Juan Pablo Perez-Etchegoyen, CTO at Onapsis. "By showing how these applications are being targeted and how often they are being attacked, we hope to help CIOs, CISOs, and their teams manage the risk of large-scale attacks."
