SecurityWeek reports that SAP systems have been subjected to a 400% increase in ransomware attacks during the last three years, while hacker forum conversations regarding SAP vulnerabilities and SAP-specific cloud and web services rose by 490% and 220%, respectively, over the same period.
Attacks leveraging SAP vulnerabilities have been conducted by high-profile threat operations, including APT10, Cobalt Spider, FIN7, and FIN13, against organizations, with Cobalt Spider and FIN13 setting sights on the finance, retail, and hospitality sectors, and FIN7 aiming for different industries' payment systems, according to an Onapsis and Flashpoint report. Moreover, mounting dark web conversations regarding SAP were also accompanied by a significant increase in exploit prices.
"This evidence further reinforces the need to ensure SAP applications are not only protected at the operating system/endpoint level, but also at the application level validating that SAP Security Notes, configurations, interfaces, third-party transports, and user authorizations are properly secured," said the report.