Unfortunately, many organizations don’t realize that network security is penetrable and it’s imperative to constantly monitor your SAP applications in real-time to secure them. It requires a more holistic approach to securing your business-critical applications, including things that we would classify as “good security hygiene.” In our recent online seminar “How to implement and enforce a Security baseline for SAP” we demonstrated that threat actors are very aware of how to exploit unprotected mission-critical applications, and are, in fact, actively doing so.
For example, in a recent high-profile attack, the organization was subjected to a ransomware attack on their ERP applications.
Despite implementing good security hygiene such as regular back-ups, their operations were brought to a stand-still. This lapse in productivity can last for days and the damage to reputation and costs are substantial. Attackers simply bypassed the endpoint detection and response (EDR) software by accessing the data through the application. EDR is a crucial component, but the application level still remains a blind spot, and a vulnerability. The attackers, in this example, used that application layer, which was not being directly monitored, in order to compromise the business-critical assets.