ERP Attacks Are On The Rise: Protect Against Insider Threats and External Attacks Across Business Critical Systems

October 23, 2018 Christian Goetz

Organizations rely heavily on Enterprise Resource Planning (ERP) systems and applications to power their businesses, manage critical processes (product lifecycle management, customer relationship management, supply chain management, etc.) and ensure a continuous, open flow of information. The ubiquity of these systems and business critical applications means the potential to compromise data and expose organizations to compliance and regulatory consequences is greater than ever before.

Earlier this year, US-CERT and others warned organizations worldwide about ongoing and eminent cyber attacks targeting ERP applications. Reuters reported that ERP systems across numerous media, energy and finance organizations were hit after they failed to install patches or take other security measures. Criminal hackers are not the only ones targeting these systems. Nation-state sponsored attackers also target ERP systems and applications for cyber espionage and sabotage, as evidenced in the high-profile United States Information Service (USIS) breach.

It’s easy to understand why these types of attacks are on the rise. ERP systems and applications house sensitive, business-critical data that is highly attractive to attackers. They are also pervasive, touching virtually every layer of a business – from infrastructure to operating systems to cloud consoles and more. In these environments, default, generic passwords are rampant, strong authorizations are often shared by multiple employees (such as Admin Groups) and associated passwords are too often widely known throughout the organization. This makes it very difficult to control where powerful credentials are used – and for what purpose. In-Depth Auditing of privileged Logons to such ERP systems is often hard to configure or subject to other challenges like performance issues. Because many of the applications these complex systems support are Internet-facing to facilitate data flow across multiple audiences and third-party entities, attackers constantly find new ways to exploit vulnerabilities to gain privileged access and disrupt operations.

 CyberArk Privileged Access Security Solution for SAP

 Today, more than 91 percent of the Forbes 2000, as well as the most valued global brands and government agencies, rely on enterprise management software leader SAP for the modern business tools needed to run their businesses and help predict the future needs of their customers. As SAP adoption continues to surge, there is a critical need for organizations to reduce the attack vector and manage privileged access. This is strongly evident when you consider that the average damage of an SAP breach is estimated at $5 million – a staggering cost to many organizations.

Although SAP has designed security measures to address common vulnerabilities and security risks, they are primarily based on SAP-specific use cases. These highly complex, high-touch systems require a great deal of time and manual work to maintain proper cyber hygiene – to the tune of 4,000+ security patches – making it nearly impossible for security teams to keep up. As a result, securing privileged access using native SAP tools creates additional operational complexity and often falls short of meeting security and compliance mandates.

 In a recent On the Front Lines webinar, I highlighted CyberArk’s certified integration with SAP, powered by NetWeaver. As the industry’s only SAP-certified solution that helps organizations automatically discover, onboard and secure SAP accounts and credentials across all layers of the enterprise, organizations now have a way to better protect against insider and external attacks across their SAP environments, including SAP ERP systems.

If you missed the live discussion, I invite you to tune in to the on-demand presentation to learn how to stay one step ahead of attackers by:

  • Managing and securing SAP credentials: Strengthen your overall security posture and improve operational efficiencies by onboarding accounts directly into CyberArk. With CyberArk, you can also automate password rotation and enable multi-layered privileged access security controls across the SAP stack – from the application layer to databases, operating system and servers.
  • Reducing privileged access security risk:Quickly detect and halt suspicious activity by monitoring SAP privileged user activity. CyberArk complements SAP’s security controls by managing, protecting and controlling the use of privileged accounts. CyberArk provides a consistent approach to reducing privileged access security risk across the entire enterprise for SAP solutions and other high-value applications and infrastructure.

For additional information check out the CyberArk Marketplace or download our solution brief and whitepaper.

Previous Article
The Role of Privileged Access in Healthcare Security and Compliance
The Role of Privileged Access in Healthcare Security and Compliance

The increased use of electronic personal health information (ePHI) and rapid advances in healthcare technol...

Next Article
Ten Steps for Securing Privileged Access
Ten Steps for Securing Privileged Access

In today’s digital world, privileged accounts, credentials and secrets are everywhere—on-premises, in the c...