Every company nowadays uses a variety of enterprise applications to enable employees to perform their duties. These applications include ERP, CRM, file sharing, and other tools.
Business applications are frequent targets for cybercriminals. A single unpatched vulnerability can open the door to a serious cyber attack, giving the attacker access to financial instruments, confidential data, and clients' personal information. Moreover, the affected company itself may unwittingly become a tool in fraudulent schemes.
More than 70% of the applications used in corporate environments contain at least one vulnerability that is detected during the first scan with specialized tools. For Java applications, this figure is even higher, at more than 80%. At the same time, fewer than 30% of companies conduct regular checks for vulnerable components.
It is not easy to maintain every application in an enterprise, because their number is constantly changing. Today, even a small business can use up to 500 applications. An employee, acting on personal preference or habit, can install a favorite application that later becomes a potential entry point for an attack.
Another threat is that more than 80% of the data inside a company either comes from public file-sharing systems or is loaded by applications that do not store the received data securely. The larger the enterprise, the greater the scale of the potential threats and the damage to the business.
According to Neil MacDonald, VP Distinguished Analyst:
“As financially motivated attackers turn their attention ‘up the stack’ to the application layer, business applications such as ERP, CRM, and human resources are attractive targets. In many organizations, the ERP application is maintained by a completely separate team and security has not been a high priority. As a result, systems are often left unpatched for years in the name of operational availability.”
One of the most serious threats is the manipulation of an enterprise's production environment. This is the goal cybercriminals pursue when they try to penetrate corporate information systems. Such penetration can play out in several ways, but the most likely are disruption of the information systems' operation and the creation of so-called "digital clones" of management systems, whose activity is aimed at disrupting business processes.
A plausible and easy-to-understand scenario illustrates such an attack: having gained access to an ERP (enterprise resource planning) system, attackers substitute financial document numbers, transfer money, or even reboot the system. The result of such intervention is direct theft of funds from the company's accounts, plus indirect losses that can be catastrophic for the business.
Cloud adoption, mobility, and digital transformation are rapidly expanding the ERP attack surface in 2018. More than 17,000 ERP applications from SAP and Oracle are exposed to the Internet. Many of these are vulnerable versions with unprotected components, and they belong to some of the largest commercial and governmental organizations in the world, located in leading countries such as Great Britain, Germany, and the USA. Threat actors are well aware of this and actively share information through the darknet and criminal forums to find such publicly exposed applications and make them their targets.
The vast majority of large organizations use SAP and Oracle ERP applications to support their business processes, as well as Microsoft Dynamics & GNU. These include products such as SAP Business Suite, SAP S/4HANA, Microsoft Dynamics NAV, and Oracle E-Business Suite / Financials. These programs are used for financial planning, salary management, treasury, inventory, production, sales, and logistics.
They store data such as financial results, production formulas, prices, critical intellectual property, credit cards, and personal information about employees, customers, and suppliers, as well as other confidential information.
The cybersecurity concerns of ERP have largely been ignored due to the lack of publications about hacks and about the threat actors in what many security experts consider a complex and little-known segment. Meanwhile, criminals are constantly refining their tactics to profit at the expense of organizations.
Demand for cybersecurity services is expected to reach about $96 billion in 2018. Oracle and SAP, for example, suffered reputational damage in the ERP field and are still struggling to win all their clients back. That is why new solutions and methods to combat hacker attacks appear every day. To be confident in its security, a company has to undergo regular checks such as penetration testing.
No system is perfectly secure; no system is without flaws and weaknesses. If you are convinced yours is safe and sound, you simply do not know about its vulnerabilities yet. At Hacken, we take security extremely seriously, and all checks are performed to the highest standards. If you have any questions about the topic or need a consultation, feel free to contact our team!