Many mid-size and large businesses rely on the comprehensive and complicated SAP platform to run their core business processes. As a result, it is necessary to take note of the conclusions of NTT Security Holding’s ‘2022 Global Threat Intelligence Report’ and to ensure that the organization’s cybersecurity plan encompasses the SAP ecosystem and reflects the constantly changing threat landscape.
Sophisticated and Significant Cybersecurity Threats
The status quo is challenged by a dynamically developing threat landscape of motivated cyber attackers, innovative tools, and perfected strategies. With the COVID-19 pandemic and rising supply-chain disruptions threatening business continuity, businesses are looking for cybersecurity partners more than before. Our blog highlights 5 significant global findings pertinent to successful SAP-based everyday business operations and demonstrates why SAP application security is critical to an organization’s cybersecurity strategy.
The Top 5 Global Threat Intelligence Discoveries
1. Critical Infrastructure and Supply Chains are under attack.
COVID-19 and the digital revolution changed the threat landscape. Geopolitical tensions and continued supply chain disruption have recently impacted industry targeting. Attacks in the technology, telecommunications, transportation, and distribution industries more than doubled. The vast and complicated SAP landscape frequently represents the majority or a substantial piece of crucial infrastructure and a critical component of supply chain business support.
2. Cyber Attacks during Cloud Migration
Migrating to cloud environments assisted in mitigating assaults on platforms and network services. These threats have decreased recently as cloud providers have upgraded their infrastructure and security platform-enabled services. Supported applications, on the other hand, remain under the client organization’s control. It is also evident that the percentage of web application and application-specific threats is increasing. Whether SAP is merely an application-specific part or the web-application frontend, the colossal growth in threats is concerning and necessitates immediate action to guarantee a sound SAP Applications cybersecurity strategy.
3. Increasing the Target Scope and Attack Intensity
It is observed that there is a rise in hostile activity directed at clients, primarily attacks on applications and network infrastructure, as well as denial of service and brute-force operations. Attack volumes climbed in seven of the top ten most targeted industries, with web application and application-specific attacks increasing in nearly every industry and geographic location. The relative rate of attacks on all three top industries fell, showing that more industries were subjected to high levels of hostile behavior. Although the new Log4j vulnerabilities were not reported until late December 2021, Log4j became the eighth most targeted technology for the entire year and the most targeted that month. Proper management of SAP security vulnerabilities has traditionally been a significant responsibility, necessitating a new strategy for implementing monthly essential security fixes. To keep up, SAP-specific security technology is essential. Furthermore, because SAP is dependent on the weaknesses of the surrounding infrastructure, real-time threat detection is critical.
4. As botnets resurface, Trojan deployments skyrocket.
In 2021, Trojans accounted for 65% of malware, up from 35% in 2020. Trojans accounted for five of the top ten most prevalent types of malware globally, five of the top ten in each area, and five of the top ten in practically every industry. In 2021, NTT Security Holdings recorded a 50% increase in detected malware, led by Trojans and botnets. Banking usage has increased. The increased usage of Trojans indicates an increase in cybercriminal activities, whereas the increased use of other Trojans indicates an increase in espionage and trade secret theft. This demonstrates an attacker’s aim to gain control of an environment by exhibiting long-term perseverance. To protect the business-essential SAP landscape from Trojan’s illegal control, advanced SAP-specific security technology can detect 0-day attacks and significant anomalies within SAP is critical. Furthermore, a timely response to these security events is critical to minimizing harm and necessitates alerting the organization’s 24-hour security operations center.
5. The Prevalence of Ransomware Affecting Business Continuity
In 2021, ransomware was responsible for 24% of all incident response engagements with NTT’s Digital Forensics and Incident Response team, a 240% increase from 7% in 2019. Such action suggests that enterprises are becoming increasingly challenged in fighting against and responding to ransomware events. Emails with malicious links or attachments are the most prevalent way for attackers to compromise businesses.
Final Thoughts
Whether your SAP landscape is classic on-premises, in one or more clouds, or even the latest RISE with SAP, you must ensure it is secure against fast-expanding cyber threats. This accountability cannot be outsourced; thus, the SAP cybersecurity plan must be integrated into the organization’s cybersecurity strategy. Our experts provide personalized demos after understanding the business needs. Click
here to talk to our experts.