Malicious Cyber Activity Targeting Critical SAP Applications

The Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory recommending that operators of SAP systems review an alert released today by security researchers from Onapsis and SAP and apply necessary updates and mitigation measures. The Onapsis/SAP alert details observed threat actor activity and techniques that could lead to full control of SAP applications, which help organizations manage critical business processes that include enterprise resource planning, product lifecycle management, customer relationship management, and supply chain management. According to the alert, exploitation could lead to full control of unsecured SAP applications, bypassing common security and compliance controls, enabling attackers to steal sensitive information, perform financial fraud or disrupt mission-critical business processes by deploying ransomware or stopping operations. Read the advisory at CISA.