Defend against Ransomware attacks on SAP systems

defend sap ransomware attacks

SecurityBridge warns: traditional cybersecurity methods are not enough when existing SAP vulnerabilities can be used as attack vectors.

Ingolstadt, December 7, 2021 – Ransomware is the bugbear of IT security departments these days. SAP has only been affected to a limited extent so far, but it can certainly be abused as a gateway. SAP applications therefore need holistic protection, recommends SecurityBridge, provider of cybersecurity for SAP applications. Defending against attacks is usually less expensive than dealing with the consequences of a successful attack.

Traditional cybersecurity methods are not enough to successfully defend against ransomware attacks on SAP systems. These usually focus on endpoints, networks and backups – important security components that still do not provide sufficient protection against attacks. The reason: existing SAP vulnerabilities can very easily be used by criminals as attack vectors.

To protect SAP applications from ransomware attacks, SAP user companies should ensure robust, accurate real-time threat monitoring and support it with modern techniques such as anomaly detection. Abnormal operations are thus detected and reported in real time, regardless of how much the threat actors change their attack vectors.

Necessary measures in the course of prevention include regular updates of all components including SAP and hardening from the client to the SAP application. Containment precautions are found primarily in network segmentation. 

Christoph Nagy, CEO of SecurityBridge: “So far, too little attention has been paid to separating critical infrastructure and client architecture strongly enough. Ideally, SAP systems should be operated in their own network segment, especially in hybrid SAP cloud environments. Then it is ensured that any attack in such a network segment will only remain there.”

Christoph Nagy

CEO at SecurityBridge

Monitoring neuralgic points is one of the protective measures in the course of detection; in addition, regular training and awareness training of its employees as well as service providers should be carried out, for example, to detect phishing mails. Taking out “cyber” insurance is also a possibility.

Posted by

Till Pleyer
Share on linkedin
Share on twitter
Share on email
Find recent Security Advisories for SAP©
Download the White Paper “YOUR ROAD TO SAP SECURITY” to learn about the major milestones towards increasing the cybersecurity posture of your SAP systems.
SAP security roadmap
As a Partner and Sales Manager you will recruit, enable and manage Partner organizations and thus effectively extends the reach of our organization in new and existing verticals, segments, and regions ...
SAP security roadmap
Open Position
In the role of a Support Agent, you will support our customers in using our leading SAP Security Platform. Our customers deserve the best support for the best SAP security product. You can help us set a new benchmark!
SAP security roadmap
In the position of Contract & License Manager, you are responsible for preparing, negotiating, and recording business contracts on behalf of SecurityBridge. Your duties include ...
SAP security roadmap
SecurityBridge is looking for a Scrum and Release Master to join the core product development team for platform security. You would become part of an already existing team where you are encouraged to evolve and ...