Cybersecurity was a big theme of President Biden’s recent trip to Europe, just one month after he signed an executive order to strengthen the US’s defenses against an increasingly challenging global cyber-threat landscape.
At the G7 Summit in Cornwall, UK, Biden and other world leaders agreed to work together to address cyber threats from state and non-state actors and to hold accountable those countries that harbor criminal ransomware gangs.
But as Biden himself pointed out in his executive order, “cybersecurity requires more than government action.” In other words, there’s an onus here on the private sector, too. In particular, Biden said, “the private sector must adapt to the continuously changing threat environment, ensure its products are built and operate securely, and partner with the federal government to foster a more secure cyberspace.”
SAP landscapes under attack
This should be of particular concern to companies that use SAP to run their core operations. A joint threat-intelligence report from SAP and Onapsis, released on 6 April this year, warns that cyber attackers are actively exploiting known SAP security vulnerabilities to steal information and compromise mission-critical SAP landscapes.
The report says that for every 1,500 cyber-attacks launched on SAP systems between mid-2020 and March 2021, over 300 were successful. The earliest cyber-attack was recorded within 72 hours of SAP releasing patches for a vulnerability, and unpatched SAP applications deployed to cloud environments were discovered and exploited in less than three hours.
These threats impact both security and compliance, the report warns. Exploitation could lead to full control of unsecured SAP applications, bypassing common security and compliance controls, and “enabling attackers to steal sensitive information, perform financial fraud or disrupt mission-critical processes by deploying ransomware or stopping operations,” according to the report. Companies may also find themselves in breach of regulations including SOX, GDPR, CCPA and others, it adds.
Clearly, this alarming state of affairs calls for immediate action. SAP and Onapsis suggest that measures taken should include “swift application of the relevant SAP security patches and a thorough review of security configurations of their SAP landscapes, as well as performing a compromise assessment and forensic investigation of at-risk environments.”
Keeping on top of the situation
Most SAP operations teams have the best intentions to keep on top of the cyber threat situation, but many continue to struggle. That’s entirely understandable when you consider that SAP systems are extremely complicated, often highly customized to meet the needs of the companies running them and pretty tricky to update, too. The fact is that many SAP operations teams don’t realize their SAP landscapes are riddled with vulnerabilities - and even where they do, the time, skills and budget needed to plug the holes are already under huge pressure.
At Avantra, we have engineered our technology with these issues in mind, to keep your SAP landscapes firmly locked down. We provide a template set of security best practices, which can be tailored to your specific requirements. Avantra can then either apply these best practices to your systems automatically or audit those systems automatically every day.
Our monitoring can help you answer important, security-related questions: Are standard passwords configured for system users? Are system changes prevented in productive ABAP clients? Is our audit log configured properly? Are certificates about to expire?
On top of this, new developments are coming down the line. Later this year, Avantra will start automatically scanning SAP HotNews releases and comparing them with the Notes already implemented on each managed SAP system. It will then automatically suggest implementing the missing ones on a per-system basis.
Our aim is to deliver peace of mind for organizations that rely on SAP to stay up and running, even in the face of the increasing mayhem wreaked by cyber criminals on the wider world.