Skip to content
Linkedin Twitter Facebook Xing
< Back to Overview

Defend against Ransomware attacks on SAP systems

defend sap ransomware attacks

SecurityBridge warns: traditional cybersecurity methods are not enough when existing SAP vulnerabilities can be used as attack vectors.

Ingolstadt, December 7, 2021 – Ransomware is the bugbear of IT security departments these days. SAP has only been affected to a limited extent so far, but it can certainly be abused as a gateway. SAP applications therefore need holistic protection, recommends SecurityBridge, provider of cybersecurity for SAP applications. Defending against attacks is usually less expensive than dealing with the consequences of a successful attack.

Traditional cybersecurity methods are not enough to successfully defend against ransomware attacks on SAP systems. These usually focus on endpoints, networks and backups – important security components that still do not provide sufficient protection against attacks. The reason: existing SAP vulnerabilities can very easily be used by criminals as attack vectors.

To protect SAP applications from ransomware attacks, SAP user companies should ensure robust, accurate real-time threat monitoring and support it with modern techniques such as anomaly detection. Abnormal operations are thus detected and reported in real time, regardless of how much the threat actors change their attack vectors.

Necessary measures in the course of prevention include regular updates of all components including SAP and hardening from the client to the SAP application. Containment precautions are found primarily in network segmentation. 

Christoph Nagy, CEO of SecurityBridge: “So far, too little attention has been paid to separating critical infrastructure and client architecture strongly enough. Ideally, SAP systems should be operated in their own network segment, especially in hybrid SAP cloud environments. Then it is ensured that any attack in such a network segment will only remain there.”

Christoph Nagy

CEO at SecurityBridge

Linkedin Xing Github

Monitoring neuralgic points is one of the protective measures in the course of detection; in addition, regular training and awareness training of its employees as well as service providers should be carried out, for example, to detect phishing mails. Taking out “cyber” insurance is also a possibility.

Download German Version as Pdf

Posted by

Till Pleyer
Find recent Security Advisories for SAP©
View Advisory for Nov'20
whitepaper SAP Fiori
Download the White Paper “Bridging the Gap – How SecurityBridge Supports NIST CSF in SAP Environments”. Learn how choosing the right tool can significantly shorten the journey of NIST CSF adoption and improve the security posture of SAP environments.
Sales & Partner Manager APAC Singapore

Sales & Partner Manager – APAC Market (Singapore)

Careers
We are expanding our operation in the APAC region and are looking for an experienced Sales & Partner Manager to join our team in Singapore. The ideal candidate will have at least 5 years of experience in sales, with a focus on software sales, SAP security, or cybersecurity.
Pre-Sales Consultant APAC Singapore

Pre-Sales Consultant – APAC Singapore

Careers
As a Pre-Sales Consultant at SecurityBridge, you will be instrumental in our rapid expansion within the APAC region. You will directly contribute to the growth of our innovative SAP security solution, SecurityBridge.
SAP Security Patch Tuesday 2024

SAP Security Patch Day – April 2024

SAP Security Patch Day
For April 2024, 10 new Security Notes have been released and 2 have been updated. What stands out is that there are no ‘Hot News’ notes in this release. But let that not be a reason to ‘lower your guard’! We explore some interesting highlights below.