Skip to content
defend sap ransomware attacks

Defend against Ransomware attacks on SAP systems

Till Pleyer
December 7, 2021
2 min read

Share Article

SecurityBridge warns: traditional cybersecurity methods are not enough when existing SAP vulnerabilities can be used as attack vectors.

Ingolstadt, December 7, 2021 – Ransomware is the bugbear of IT security departments these days. SAP has only been affected to a limited extent so far, but it can certainly be abused as a gateway. SAP applications therefore need holistic protection, recommends SecurityBridge, provider of cybersecurity for SAP applications. Defending against attacks is usually less expensive than dealing with the consequences of a successful attack.

Traditional cybersecurity methods are not enough to successfully defend against ransomware attacks on SAP systems. These usually focus on endpoints, networks and backups – important security components that still do not provide sufficient protection against attacks. The reason: existing SAP vulnerabilities can very easily be used by criminals as attack vectors.

To protect SAP applications from ransomware attacks, SAP user companies should ensure robust, accurate real-time threat monitoring and support it with modern techniques such as anomaly detection. Abnormal operations are thus detected and reported in real time, regardless of how much the threat actors change their attack vectors.

Necessary measures in the course of prevention include regular updates of all components including SAP and hardening from the client to the SAP application. Containment precautions are found primarily in network segmentation. 

Christoph Nagy, CEO of SecurityBridge: “So far, too little attention has been paid to separating critical infrastructure and client architecture strongly enough. Ideally, SAP systems should be operated in their own network segment, especially in hybrid SAP cloud environments. Then it is ensured that any attack in such a network segment will only remain there.”

Christoph Nagy

CEO at SecurityBridge

Monitoring neuralgic points is one of the protective measures in the course of detection; in addition, regular training and awareness training of its employees as well as service providers should be carried out, for example, to detect phishing mails. Taking out “cyber” insurance is also a possibility.