Defend against Ransomware attacks on SAP systems

defend sap ransomware attacks

SecurityBridge warns: traditional cybersecurity methods are not enough when existing SAP vulnerabilities can be used as attack vectors.

Ingolstadt, December 7, 2021 – Ransomware is the bugbear of IT security departments these days. SAP has only been affected to a limited extent so far, but it can certainly be abused as a gateway. SAP applications therefore need holistic protection, recommends SecurityBridge, provider of cybersecurity for SAP applications. Defending against attacks is usually less expensive than dealing with the consequences of a successful attack.

Traditional cybersecurity methods are not enough to successfully defend against ransomware attacks on SAP systems. These usually focus on endpoints, networks and backups – important security components that still do not provide sufficient protection against attacks. The reason: existing SAP vulnerabilities can very easily be used by criminals as attack vectors.

To protect SAP applications from ransomware attacks, SAP user companies should ensure robust, accurate real-time threat monitoring and support it with modern techniques such as anomaly detection. Abnormal operations are thus detected and reported in real time, regardless of how much the threat actors change their attack vectors.

Necessary measures in the course of prevention include regular updates of all components including SAP and hardening from the client to the SAP application. Containment precautions are found primarily in network segmentation. 

Christoph Nagy, CEO of SecurityBridge: “So far, too little attention has been paid to separating critical infrastructure and client architecture strongly enough. Ideally, SAP systems should be operated in their own network segment, especially in hybrid SAP cloud environments. Then it is ensured that any attack in such a network segment will only remain there.”

Christoph Nagy

CEO at SecurityBridge

Monitoring neuralgic points is one of the protective measures in the course of detection; in addition, regular training and awareness training of its employees as well as service providers should be carried out, for example, to detect phishing mails. Taking out “cyber” insurance is also a possibility.

Posted by

Till Pleyer
Share on linkedin
Share on twitter
Share on email
Find recent Security Advisories for SAP©
Download the White Paper “YOUR ROAD TO SAP SECURITY” to learn about the major milestones towards increasing the cybersecurity posture of your SAP systems.
The Federal Republic is attempting to make critical infrastructure resilient to cyber-attacks by proactively identifying vulnerabilities and implementing measures to protect attractive targets.
how to spot anomalies in SAP
How to reliably detect suspicious actions from within the huge mass of SAP systems and user activity? In this article, we’ll tell you what’s needed to detect anomalies in SAP's log stack and put them into context to find cyber-attacks.
Come and meet us! On June 24, 2022 the US team of SecurityBridge will be at the ASUG Carolinas Chapter Meeting 2022. We are silver sponsor of the event and present with an exhibition table.