Organizations that run SAP also need to improve their cyber resilience with the cyber threat heightened
Following Russia’s unprovoked, premeditated attack on Ukraine, several National Cyber Security Centres (NCSC) urge to call on organisations in Europe, the US and many other places around the globe to bolster their online defences.
The NCSC from both the Netherlands and the United Kingdom has urged organisations to follow its guidance on steps to take when the cyber threat is heightened. The United States CISA and FBI issued a joint statement to advise organizations to prepare for increased cyber activities and report anomalous cyber activity and/or cyber incidents.
While most of the above agencies have not yet claimed specific threats to their local organisations concerning events in and around Ukraine, there has been a historical pattern of cyber attacks against Ukraine with international consequences. There are reports of attacks via Wiper malware and DDOS against Ukrainian organisations, also with the potential to impact organisations outside of Ukraine. According to advisories, there is a risk that Russian cyberattacks will spread to government and business networks in the US and other NATO countries as a result of the growing international support for Ukraine and anticipated retaliation for sanctions imposed on Russia.
Organisations worldwide are therefore strongly encouraged to follow the actionable steps in the guidance and best practices offered by the abovementioned agencies to reduce the risk of falling victim to an attack. Specifically, organizations are advised to secure remote access to networks, patch software to address known vulnerabilities, limit the attack surface by disabling unnecessary ports and services, and monitor, detect and respond to potential intrusions.
This is no different for SAP driven organisations, especially since securing SAP systems can be challenging. With more internet exposure, complex setup and configuration, large landscapes, limited specialised resources and increasing pressure on compliance and security, this is the moment to act.
For more SAP security-related news, articles, and whitepapers, please follow us on LinkedIn!