Recently, according to reports from cybersecurity companies such as Check Point and Kaspersky, cyber-attack attempts in Chile have increased significantly (see article in El Mostrador). Among those affected by this type of attack are important organizations such as Sernac, the Joint Chiefs of Staff of the National Defense, BancoEstado, the Administrative Corporation of the Judiciary and, recently, Mercado Público. In the latter case, the Chilecompras web platform had been down for about ten days (see Interferencia’s note).
SAP systems are, in general, very critical systems and, therefore, highly desirable for ransomware-type attacks; in addition, they usually handle very valuable data. Potential threats include not only external cyber-attacks, but also attempts at fraud or information leaks, which usually come from within companies or institutions. In this context, in its Trust Center SAP promotes different actions to take care not only of security, but also of data privacy, compliance and transparency.
Given the increase in threats, it is now necessary to protect the operational continuity of SAP systems and the data residing in them with multiple additional security measures, to cover all exposed flanks – the attack surface – and mitigate the risks that cannot be eliminated with all these layers of protection.
Until now, the security of SAP systems was mainly concentrated in three areas:
Given the new nature of attacks, these traditional security measures are not sufficient to safeguard SAP systems and their data. In this year’s SAP Insider “Cybersecurity Threats to SAP Systems” survey, respondents were asked to rank the top cybersecurity threats to their SAP systems from highest to lowest. Ransomware (data hijacking) attacks, unpatched systems and credential compromise were ranked as the most important to systems, as they were last year. The continued growth of cloud migration, integration, data augmentation, virtualization, mobile device access and the Internet of Things (IoT) have made securing these connections a critical element of cybersecurity. Vulnerabilities due to unsecured systems and connections can be a direct channel to SAP for ransomware, malware (malicious software) and other attacks.
If we look at the different layers that make up the security of an SAP system (see figure), we can see the following:
The current threat environment has prompted the emergence of various tools to provide additional security for SAP system environments. However, these do not constitute a solution on their own. Technical knowledge of the associated security concepts is required in addition to the tool itself. It also requires ongoing, structured processes for monitoring, detection, notification, and response to security incidents.
For this reason, comprehensive solutions to the different vulnerabilities, in the form of services delivered by a specialized provider, are more effective. Among these solutions we can highlight the following:
In Novis we have services and new advanced security options for SAP systems, of which we will show more details in later deliveries. For more information about our services, we invite you to contact us.
Feedback/discussion with the author: Glen Canessa.