SAP and Onapsis Proactively Notify and Help Customers Protect Mission-Critical Applications from Active Cyber Threats

Rhea-AI Summary

SAP and Onapsis have released a cyber threat intelligence report detailing how unprotected SAP applications are targeted by malicious actors. Collaborating with the U.S. Department of Homeland Security and Germany's BSI, they urge organizations to apply existing SAP patches and secure configurations promptly. No breaches linked to this research have been reported, nor are there new vulnerabilities in SAP's cloud services. Organizations failing to address these issues risk data theft, operational disruptions, and regulatory compliance failures.

Positive

• Joint report promotes awareness about cyber threats, potentially leading to increased security for SAP customers.
• No known breaches directly associated with this research, suggesting existing protections are somewhat effective.
• SAP's commitment to enhancing cybersecurity is reinforced through collaboration with Onapsis and government agencies.

Negative

• Organizations are still operating unprotected SAP applications, posing significant risks to data and operations.
• Critical vulnerabilities have known patches available, yet many customers have not implemented them, exposing themselves to potential exploitation.

SAP (NYSE: SAP) and Onapsis today jointly released a cyber threat intelligence report providing actionable information on how malicious threat actors are targeting and potentially exploiting unprotected mission-critical SAP applications. The companies have worked in close partnership with the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and Germany’s Federal Cybersecurity Authority (BSI), advising organizations to take immediate action to apply long-available SAP patches and secure configurations, and perform compromise assessments on critical environments.

SAP and Onapsis are not aware of known customer breaches directly related to this research. The report also does not describe any new vulnerabilities in SAP cloud software as a service or SAP’s own corporate IT infrastructure. Both companies, however, note that many organizations still have not applied relevant mitigations that have long been provided by SAP. Customers who fail to apply these protective measures and allow unprotected SAP® applications to continue to operate put themselves and their business at risk.

The intelligence captured by Onapsis and SAP highlights active threat activity seeking to target and compromise organizations running unprotected SAP applications, through a variety of cyberattack vectors. Observed exploitation techniques would lead to full control of the unsecured SAP applications, bypassing common security and compliance controls, and enabling attackers to steal sensitive data, perform financial fraud or disrupt mission-critical business processes by deploying ransomware or stopping operations. These threats may also have regulatory compliance implications for organizations that have not properly secured their environments.

“This proactive research effort is the latest example of our commitment to ensure our global customers remain protected,” said Tim McKnight, chief security officer, SAP. “We’re releasing the research Onapsis has shared with SAP as part of our commitment to help our customers ensure their mission-critical applications are protected. This includes applying available patches, thoroughly reviewing the security configuration of their SAP environments and proactively assessing them for signs of compromise.”

The scope of impact from these specific vulnerabilities is localized to customer deployments of SAP products within their own data centers, managed colocation environments or customer-maintained cloud infrastructures. None of the vulnerabilities are present in cloud solutions maintained by SAP.

“As a SAP partner for cybersecurity and compliance, we have observed firsthand the outstanding improvements SAP has made in the recent years to develop more secure software, patch critical vulnerabilities faster and overall proactively ensure SAP customers are secure,” said Mariano Nunez, CEO and cofounder of Onapsis. “The critical findings noted in our report describe attacks on vulnerabilities with patches and secure configuration guidelines available for months and even years. Unfortunately, too many organizations still operate with a major governance gap in terms of the cybersecurity and compliance of their mission-critical applications, allowing external and internal threat actors to access, exfiltrate and gain full control of their most sensitive and regulated information and processes. Companies that have not prioritized rapid mitigation for these known risks should consider their systems compromised and take immediate and appropriate action.”

To support customers that require investigation, threat remediation and additional post-compromise security monitoring, Onapsis is offering a 3-month free subscription to the Onapsis Platform for Cybersecurity and Compliance, an SAP endorsed app that can be accessed through SAP Store.

About Onapsis

FAQ

What did SAP and Onapsis reveal in their recent report?

They highlighted the risks of unprotected SAP applications being targeted by cyber threat actors.

Are there known breaches related to SAP applications according to the report?

No, SAP and Onapsis stated they are not aware of any known customer breaches related to this research.

What actions should SAP customers take based on the report findings?

Customers are advised to apply long-available SAP patches and secure configurations to mitigate risks.

What is the main focus of the SAP and Onapsis report?

The report focuses on the active threat landscape targeting unprotected SAP applications and the necessary protective measures.

How does this report affect SAP's stock performance?

The emphasis on cybersecurity may enhance trust among investors, but the unaddressed vulnerabilities could pose risks.