Ransomware: Is Your SAP System Vulnerable?
Ransomware attacks are on the minds of CIOs everywhere, and with good reason: a recent report from Trend Micro found that 84% of U.S. organizations have reported phishing or ransomware security incidents in the last 12 months.
In the most severe cases, a ransomware attack can cripple your company’s systems and networks for days, or even months. According to a recent report from the Ransomware Task Force, a business hit with ransomware is down an average of 21 days, and it can take up to 287 days to fully recover from an attack.
Is Your SAP System Vulnerable?
The most common tactics for bad actors trying to infiltrate your network involve email phishing campaigns and the exploitation of remote desktop protocol (RDP) and software vulnerabilities. That being the case, it’s reasonable to think that end user education is the best line of defense. However, end user education may not be enough.
SAP systems generally do not have a lot of interactions over public access channels, so one might think they are not at risk. However, according to Digital Shadows and Onapsis, bad actors have been ‘upping their game,’ and can now mount attacks behind the company firewall to go deeper into business networks to gain access to internal, previously inaccessible ERP systems.
On-Premises SAP Systems are at Risk
The ransomware cases we’ve encountered with SAP customers have been in on-premises environments, typically with legacy SAP systems. Those legacy systems were in run mode over a period of years, and the business had not been proactive about maintaining the latest versions and applying patches across the environment.
If you are hosting your SAP system on premises, the question to ask is twofold: 1) how old is the SAP system, and 2) how often do you patch it? All cyberattacks get in by using exploits at the network layer, the operating system layer, and the application layer. Depending on its type, an exploit poses a risk through whatever vulnerabilities your SAP system may have.
Steps You Can Take to Mitigate Risk
While system backup and disaster recovery cannot prevent malicious intrusions, they can help to lessen the impact of a cyber incident. One of the best ways to get best-in-class services is to work with an experienced managed cloud hosting partner to ensure that your SAP environment is well protected.
If your SAP environment is currently hosted on premises, NTT DATA Business Solutions offers an assessment service to analyze your SAP environment and make recommendations about steps you can take to keep it safe from intrusions. During the assessment, our experts look at the SAP versions you are running, whether you are up to date with security patches, and dependencies on the operating system and database.
In cases where the IT team has not been able to keep up with updates and patches, or there are major issues with SAP licensing, it may be necessary to reimplement to get to the required levels for a safe environment. Depending on the results of the assessment, the conversation may also turn to whether it would be best to move the on-premises environment to a public cloud or managed cloud solution.
To protect your SAP system from cyber events, you basically have three options:
- Take steps to maintain existing on-premises systems by applying current versions and patches.
- Bring in outside assistance to help with patch management and testing.
- Move to a cloud hosting solution with an experienced managed cloud partner.
What it boils down to is this: looking at the systems within your environment, which can you live without and still function as a business? SAP is not one of them.
For a more detailed discussion about this important topic, download our expert brief, Steps You Can Take to Protect your SAP System Against Vulnerabilities.