Skip to main content
close search
site logo
Dive Brief

Malicious actors seeking exploits in SAP and Oracle ERP applications on the rise, US warns

Published July 26, 2018
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Wikimedia Commons

Dive Brief:

  • A warning was issued describing malicious cyber activity directed at enterprise resource planning (ERP) applications by the United States Computer Emergency Readiness Team (US-CERT) Wednesday. US-CERT was informed of the increase in ERP vulnerabilities exploitation by research from Digital Shadows Ltd. and Onapsis Inc.

  • The current ERP market leaders are SAP and Oracle. Hacktivist groups, namely with connections to the Anonymous group, are specifically targeting SAP and Oracle ERP applications with the intention of "sabotaging operations and compromising business-critical applications," according to the research.

  • Nearly 80% of global transaction revenue "touches" an SAP system and researchers saw a specific increase in exploits for SAP apps, like SAP HANA for dark web hackers and cybercriminal forums, according to the report. But over the last three years, public exploitations of SAP and Oracle ERP apps have increased by 100%.

Dive Insight:

When the US-CERT issues a warning, it's in a company's best interest to pay attention. ERPs are used for managing business processes including product lifecycle management, customer relationship management and supply chain management, according to US-CERT. In other words, ERP system security is invaluable to a business.

Breaches exposing sensitive data have increased over the last few years. Because an ERP system consists of applications that handle payroll, treasury, inventory, financial planning and sales, to name a few, they hold a wealth of company data.

Current ERP application risks extend beyond proof of concept exploits as compiling research is indicating that malicious actors are able to identify public-facing applications. So before anything, an organization needs to know the "criticality of the data" it has on its ERP applications, according to Michael Marriott, research analyst for Digital Shadows and Juan Pablo Perez-Etchegoyen, CTO of Onapsis, in an email to CIO Dive.

Companies should remove interfaces and APIs that pose a risk between different ERP applications, paying exclusive attention to those that have third parties or are internet-facing.

ERP applications are trickier for businesses than traditional applications because they have a difficult time administering patches, according to Marriot and Pablo Perez-Etchegoyen. Because of this, flaws and exploits can exist in ERP applications for much longer.

Recommended Reading

Filed Under: Security, Software

Editors' picks

Company Announcements

View all | Post a press release
Blackpoint Cyber Launches Global Partner Program and Enablement Platform Emphasizing a Focus o…
From Blackpoint Cyber
October 30, 2024
NeuBird Named a Cool Vendor in the 2024 Gartner® Cool Vendors™ in IT Operations Leveraging Gen…
From NeuBird
November 11, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Viz.ai Wins Prestigious Prix Galien USA Award for Best Digital Health Solution
From Viz.ai
November 12, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell