Cyberattacks are on the rise, with the most recent and significant attacks in the United States being the ransomware attacks on Colonial Pipeline, meat processing business JBS USA, and Miami-based Kaseya. Examine this timeline of the World’s Biggest Data Breaches & Hacks from 2004 to April of this year for a frightening yet intriguing representation of this trend. A prominent US Justice Department official recently advised CEOs in an interview with CNBC that businesses must be aware of the surge in attacks and prepare.
Why are these attacks becoming more common? And how did businesses become so vulnerable? It’s not that these businesses haven’t taken precautions; it’s simply that the “conventional” approach to ransomware preparedness and response no longer works.
When most cybersecurity experts think about malware, they think of two quick, “conventional” solutions: backups plus endpoint security. Without question, both are important components of a sound security program. However, their existence may lull businesses into a false sense of security, since gaps persist, particularly with regard to business-critical systems, which are now more interconnected than before.
The Drawbacks Of An Outdated ERP
Overcoming these gaps is difficult if your firm has an outdated, on-premise enterprise resource planning (ERP) system. For instance, a large, publicly listed firm recently suffered a ransomware attack on its ERP application data.
- Were there any backups? Yes, the backup was updated once a week. Nonetheless, operations were suspended. Even when backups are in place, recovering from one can take quite some time, and the financial and business losses are significant nonetheless.
- Did they have endpoint protection? Yes, but the hackers got around the endpoint detection and response (EDR) system by accessing information via the application. EDR is excellent for detecting actions on infected assets and allows for the containment and collection of artifacts such as process trees and malware-created files; however, the application level remains a problem. These hackers used that application layer, which was not being inspected by the program, to breach business-critical assets.
Threat actors can gain complete control of programs by exploiting flaws such as PayDay, 10KBLAZE, and RECON. These malicious actors go directly to the application and, once inside, descend to the OS level. With digital transformation projects, newly deployed technologies, new access points, the Internet of Things (IoT), and a rise in remote users who may be working from insecure networks can all lead to greater risk.
Risk-Based Vulnerability Mitigation
Ultimately, a new security architecture is required to guard against malware, one that stretches beyond just securing endpoints, backing up files, and hoping for the best. According to Gartner, businesses should put in place a risk-based vulnerability mitigation approach that includes threat detection. Ransomware frequently relies on unpatched systems, which allow the hacker to move around readily once inside the program. This goal may be achieved using a risk-based vulnerability management strategy that incorporates threat intelligence and monitoring of users, activities, and flaws at the database and application layers.
Modern ERPs
Automated, smarter, and embedded security is required for digital transformation. Smart automation such as machine learning (ML) and AI, provided by a modern ERP foundation, makes it easier to protect your systems against attack.
Throughout the life of an app, security flaws develop and evolve. Modern ERPs allow companies to automate and prioritize critical app lifecycle elements such as the ability to control access and manage personas and customers; monitor configuration settings and custom code; routinely apply updates and patches; review remote function call (RFC) connections as well as interfaces; monitor log data for discrepancies and threats; and monitor commercial transactions.
Cloud-Based ERP
Another thing to think about is operating your ERP in the cloud. As one SAP consumer food products firm highlighted, there are significant benefits to running in the cloud: “for us, it was 30% less costly to move to the cloud compared to on-premise upgrade costs.” The same client also stated that it provided them with “a simplified disaster recovery plan.” The cloud can also offer a simpler strategy while benefiting from cloud and software providers’ security best practices and upgrades.
It’s past time to reconsider ransomware. To develop the proper risk-based patch, code, and vulnerability management processes, organizations should use the extensive built-in security capabilities of current software technologies and cloud architecture. By doing so, organizations can substantially reduce their risk, keep one step ahead of malware gangs, and prevent costly business interruption and downtime.