Skip to content

Defend against Ransomware attacks on SAP systems

defend sap ransomware attacks

SecurityBridge warns: traditional cybersecurity methods are not enough when existing SAP vulnerabilities can be used as attack vectors.

Ingolstadt, December 7, 2021 – Ransomware is the bugbear of IT security departments these days. SAP has only been affected to a limited extent so far, but it can certainly be abused as a gateway. SAP applications therefore need holistic protection, recommends SecurityBridge, provider of cybersecurity for SAP applications. Defending against attacks is usually less expensive than dealing with the consequences of a successful attack.

Traditional cybersecurity methods are not enough to successfully defend against ransomware attacks on SAP systems. These usually focus on endpoints, networks and backups – important security components that still do not provide sufficient protection against attacks. The reason: existing SAP vulnerabilities can very easily be used by criminals as attack vectors.

To protect SAP applications from ransomware attacks, SAP user companies should ensure robust, accurate real-time threat monitoring and support it with modern techniques such as anomaly detection. Abnormal operations are thus detected and reported in real time, regardless of how much the threat actors change their attack vectors.

Necessary measures in the course of prevention include regular updates of all components including SAP and hardening from the client to the SAP application. Containment precautions are found primarily in network segmentation. 

Christoph Nagy, CEO of SecurityBridge: “So far, too little attention has been paid to separating critical infrastructure and client architecture strongly enough. Ideally, SAP systems should be operated in their own network segment, especially in hybrid SAP cloud environments. Then it is ensured that any attack in such a network segment will only remain there.”

Christoph Nagy

CEO at SecurityBridge

Monitoring neuralgic points is one of the protective measures in the course of detection; in addition, regular training and awareness training of its employees as well as service providers should be carried out, for example, to detect phishing mails. Taking out “cyber” insurance is also a possibility.

Posted by

Till Pleyer
Find recent Security Advisories for SAP©
Download the White Paper “YOUR ROAD TO SAP SECURITY” to learn about the major milestones towards increasing the cybersecurity posture of your SAP systems.
SAP Security Services
SAP Cybersecurity- Security News
Many companies have recognized the need for SAP cybersecurity, but many have also realized that they cannot accomplish this alone. There are many reasons for this. It can be due to the internal teams' workload or due to the employee's level of knowledge. However, there is a solution that neither burdens your internal staff nor demands additional knowledge. A specialized managed SAP Security Service allows you to harden mission-critical systems, detect and promptly counteract non-compliance, and implement monitoring with accurate anomaly detection.
Patch Management
SAP security provider SecurityBridge—now operating in the U.S.—today announced the full integration of its SAP Security Platform with the Microsoft Sentinel cloud-native Security Information and Event Manager (SIEM) platform and its membership to MISA. SecurityBridge was nominated to MISA because of the integration of its SAP Controller to the Microsoft Sentinel dashboard. SecurityBridge is a Smart Data Adapter that significantly simplifies security monitoring of critical and highly specific business applications.
Angriffserkennung für SAP
SAP Cybersecurity- SAP Identity and Authorization- SAP Threat Monitoring- Security News
Viele unserer Leserinnen und Leser erinnern sich noch an den 25. Mai 2018, Stichtag der bindenden Einführung der Datenschutzgrundverordnung, kurz DSGVO. Verstöße gegen die neue Regelung können seitdem zu drakonischen Strafen führen. Nun steht, zumindest für diejenigen Unternehmen, die zur kritischen Infrastruktur (KRITIS) von Deutschland zählen, ein ähnlicher Termin ins Haus. Am 1. Mai 2023 müssen betroffene Unternehmen ein System zur Angriffserkennung eingeführt haben.
SAP Cybersecurity Risks
SAP Cybersecurity- SAP Security Framework- Security News
Recently, we gave an insight into the known SAP attackers in our blog. Of course, it can already be deduced from this that there are internal and external SAP attackers. That is why today, we want to look at this from an SAP cybersecurity risk perspective.