A warning was issued describing malicious cyber activity directed at enterprise resource planning (ERP) applications by the United States Computer Emergency Readiness Team (US-CERT) Wednesday. US-CERT was informed of the increase in ERP vulnerabilities exploitation by research from Digital Shadows Ltd. and Onapsis Inc.
The current ERP market leaders are SAP and Oracle. Hacktivist groups, namely with connections to the Anonymous group, are specifically targeting SAP and Oracle ERP applications with the intention of "sabotaging operations and compromising business-critical applications," according to the research.
Nearly 80% of global transaction revenue "touches" an SAP system and researchers saw a specific increase in exploits for SAP apps, like SAP HANA for dark web hackers and cybercriminal forums, according to the report. But over the last three years, public exploitations of SAP and Oracle ERP apps have increased by 100%.
When the US-CERT issues a warning, it's in a company's best interest to pay attention. ERPs are used for managing business processes including product lifecycle management, customer relationship management and supply chain management, according to US-CERT. In other words, ERP system security is invaluable to a business.
Current ERP application risks extend beyond proof of concept exploits as compiling research is indicating that malicious actors are able to identify public-facing applications. So before anything, an organization needs to know the "criticality of the data" it has on its ERP applications, according to Michael Marriott, research analyst for Digital Shadows and Juan Pablo Perez-Etchegoyen, CTO of Onapsis, in an email to CIO Dive.
Companies should remove interfaces and APIs that pose a risk between different ERP applications, paying exclusive attention to those that have third parties or are internet-facing.
ERP applications are trickier for businesses than traditional applications because they have a difficult time administering patches, according to Marriot and Pablo Perez-Etchegoyen. Because of this, flaws and exploits can exist in ERP applications for much longer.