Department of Homeland Security USA Warns ERP Giants of Impeding Cyber Attack

US Department of Homeland Security (DHS) warns users against ERP Attack

Department of Homeland Security of America has warned users against impending cyber attacks on ERP (Enterprise Resource Planning) systems.
Homeland security is a US based national security that ensures that the area of the country within the national boundary is safe, secure and resilient against terror attacks.
The basis of this warning is the report published by Threat Intelligence firms that depicts that there has been a sudden surge in the interest of the hackers to target ERP systems who may use both hacking and DDoS (Distributed denial of Service) attacks to carry out disruption and compromise these high-value assets.
Attacks of this nature were first warned in May 2016 when the exploitation on 36 global organizational institutions was suspected through the abuse of the seven year old vulnerability in SAP applications.

What is ERP? Why cyber criminals target ERP systems?

ERP (Enterprise Resource Planning), is referred to as business management software that enables collection, management, storing, and interpretation of various aspects of business such as finances, customer accounts, finances, HR issues, product distribution, sales etc.
ERPs are web-based applications that use 3 different types of deployments – Cloud, On-Premise, Hybrid, Cloud ERP suite being the prominent among all for large companies and their subsidiaries.
Reason for ERP being a prominent target among the intruders is the data depth and richness of business related information ERP servers holds. Vast majority of large organizations have implemented from vendors such as Oracle or SAP. They rely on the products of these renowned ERP platforms like SAP Business Suite, SAP S/4 HANA and Oracle E-Business Suite/Financials to support business processes. As these processes hold important business information such as inventory, management, manufacturing, sales, logistics, billing, credit cards and Personally Identifiable Information (PII) from employees among other sensitive information, breaching ERP servers would be a feast for cyber criminals.

New Research Findings

ERP applications are being exploited by cyber criminal organizations, leveraging old vulnerabilities and acquiring SAP-HANA specific exploits. These include:
  • According to the researches, there has been a 100% surge in publicly available three years old exploits for SAP and Oracle RP applications.
  • From 2016 to 2017, ERP- specific vulnerabilities have seen an increase of 160%.

Expanding ERP attack Surface:


Read Full News :- Click hear

Comments

Post a Comment

Popular posts from this blog

How to remove Speedtest-guide.com redirect from your system

Image
Guide to Remove Speedtest-guide.com redirect Speedtest-guide.com redirect is a nasty browser hijacker that changes the default browser settings such as home-page, search engine & new tab functionality. In addition to that, it displays annoying ads & causes infuriating redirects to dubious sites, thus deteriorating the web-browsing experience. This rogue browser redirector claims to be a free tool that can be used to test Internet speed & customize the web search. It also enables the users to keep a track of the previous tests & access speed boosting tips. While Speedtest-guide.com appears to be a useful & legit application, the users have reported of its questionable behavior. Firstly, to operate on a system, it requires modifying the browser settings without user’s permission. It does so to promote a fake search engine - Speedtest-guide.com. It causes unnecessary browser redirects & possesses the capability of tracking down user’s online
Read more

The novel DNS protocol helps Mozart Malware evade detection

Image
The nasty Mozart Malware has made a major comeback in the cyber-world. Yes, the devious malware known for infecting the Home Depot Inc, United States & breaching data is now using a novel DNS protocol to communicate with the remote hackers. This new DNS Protocol is also being used by Mozart Malware to remain under the radar of security solutions & other intrusion detection systems. Read on to know more about this backdoor malware. The First Attack of Mozart Malware Mozart malware made its first appearance in September 2014 after it hacked the Home Depot Inc., United States. According to the sources, this earlier unknown & unseen malware was specifically crafted to attack the Home Depot, the largest home development vendor in the United States. The word “Mozart” was observed in the software’s malicious code& it is suspected to have connections with the hacker’s system, the sources state. Read Full Article
Read more

How to remove ZUpdater.exe Trojan from your system?

Image
Guide to Remove ZUpdater.exe Trojan - ZUpdater.exe Trojan is a nasty threat to the Windows OS based devices. It uses the infected system’s resources to generate illicit crypto currency without the user’s permission or knowledge. Software Bundling & Free Programs are the prime methods used by ZUpdater.exe Trojan to proliferate its infection. Some of the free downloads offered on the internet do not reveal if other software is being installed in the background. Thus, they easily make their way into the system without user’s consent. Once ZUpdater.exe virus is installed, it consumes over 90% of the CPU’s power & graphics card power of the targeted system. This way, it makes the system extremely sluggish & deteriorates the performance of the PC. According to cyber-security analysts, while the system is running slow, hackers use computer’s resources to generate illicit revenue for themselves. Victims from around the world are looking for ways to remove
Read more