The global and independent platform for the SAP community.

ERP Threat Report

A report from Onapsis and Flashpoint reveals growing cybercriminal interest in ERP vulnerabilities and their exploitation for ransomware attacks and data breaches.
E3 Magazine
June 24, 2024
avatar

A recent study by Flashpoint and Onapsis found that mission-critical SAP applications are increasingly becoming the focus of cybercriminals. The report shows a significant increase in the number of threat actors targeting SAP vulnerabilities and provides valuable information to help organizations protect their mission-critical SAP applications from these threats. The Onapsis Research Labs report highlights the evolution of the SAP threat landscape over the past four years. It shows the growing maturity of this cybercriminal market and the challenges facing defenders.

2023 was a critical point: cyberattacks on SAP applications reached a new high, and interest from established threat actors and state-sponsored cyberespionage groups increased significantly. However, all of the SAP vulnerabilities identified in the report were patched by SAP several years ago. In addition, the ERP company immediately issued security advisories to its customers. Nevertheless, the high level of cyber activity indicates that threat actors are still targeting companies with weak SAP cybersecurity governance. The problem is exacerbated as more customers migrate SAP applications to the cloud. This increases their exposure to threats. Research from Onapsis and Flashpoint shows that established professional threat actors and state-sponsored groups are targeting SAP applications more aggressively. Their goal is espionage, sabotage, or financial gain. Since 2021, research has shown a 400 percent increase in ransomware incidents compromising SAP systems and data at victim companies. As demonstrated by Onapsis Research Labs and CISA, the U.S. federal agency for cybersecurity and infrastructure security, ransomware campaigns are exploiting unpatched SAP vulnerabilities.

Cybercrime is on the rise

Some companies are falling behind when it comes to ERP cybersecurity. There is often a lack of information about threat actors in this area, which many information security teams perceive as complex and opaque. That's why SAP and Onapsis have been proactively warning users for years about the increased risk of malicious cyber activity and ransomware threats specifically targeting SAP applications. Organizations need to act and protect themselves.

Some companies are falling behind when it comes to ERP cyber security. There is often a lack of information about threat actors in this area, which many information security teams perceive as complex and opaque. That's why SAP and Onapsis have been proactively warning about the increased risk of malicious cyber activity and ransomware threats specifically targeting SAP applications for years. Companies need to act and protect themselves.

"Threat actors are constantly evolving their tactics and targets to maximize their profits. With the type of data that ERP applications contain, it is no surprise that we have uncovered clear evidence and trends of increasing momentum in online forums and channels. This should be a wake-up call for all of us, not just in the threat intelligence space, but in cybersecurity as a whole," said Christian Rencken, Senior Strategic Advisor at Flashpoint.

"Working with Flashpoint provides a wealth of threat intelligence that is important to both security and SAP teams," said Juan Pablo Perez-Etchegoyen, CTO at Onapsis. "By showing how these applications are being targeted and how often they are being attacked, we hope to help CIOs, CISOs, and their teams manage the risk of large-scale attacks."

onapsis.com

Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork.

Venue

More information will follow shortly.

Event date

Wednesday, May 21, and
Thursday, May 22, 2025

Early Bird Ticket

Available until Friday, January 24, 2025
EUR 390 excl. VAT

Regular ticket

EUR 590 excl. VAT

Venue

Hotel Hilton Heidelberg
Kurfürstenanlage 1
D-69115 Heidelberg

Event date

Wednesday, March 5, and
Thursday, March 6, 2025

Tickets

Regular ticket
EUR 590 excl. VAT
Early Bird Ticket

Available until December 20, 2024

EUR 390 excl. VAT
The event is organized by the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes attendance at all presentations of the Steampunk and BTP Summit 2025, a visit to the exhibition area, participation in the evening event and catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due course.