Menu
A new study warns of rising hacker threats to ERP software

A new study warns of rising hacker threats to ERP software

With at least a dozen companies and government agencies being targeted and thousands more exposed to data breaches by hackers exploiting old security flaws in management software from Oracle or SAP, a new study reminds us of growing pain points associated with cyber attacks. Per the study, inside this enterprise resource planning software companies store financial results, manufacturing secrets and credit card numbers in the vulnerable products with associated application housing customer, employee and supplier information. This pain for corporate security is a positive for our Safety & Security investing theme.

The U.S. Department of Homeland Security is preparing on Wednesday to issue an alert based on the report about the risks posed to thousands of unpatched business systems from software makers Oracle and SAP, which can enable hackers to steal corporate secrets, the researchers said.

Systems at two government agencies and at firms in the media, energy and finance sectors have been hit after failing to install patches or take other security measures advised by Oracle or SAP, experts at security firms Onapsis and Digital Shadows said.

The security alert from the Homeland Security’s Computer Emergency Response Team (US-CERT) includes steps that organisations can take to identify vulnerable systems and close long-standing security gaps, the companies told Reuters.

Many of these issues date back a decade or more, but the new study shows rapidly rising interest by hacker activists, cyber criminals and government spy agencies in capitalising on these issues, Onapsis Chief Executive Mariano Nunez told Reuters.”These attackers are ready to exploit years-old risks that give them full access to SAP and Oracle systems without being detected,” he said. “The urgency level among chief security officers and CEOs should be far higher.”

The new alert, if issued, would expand on a 2016 Homeland Security department warning to SAP customers after Onapsis uncovered plans by Chinese hackers to exploit out-date software used by dozens of companies, Nunez said.

Source: Study warns of rising hacker threats to SAP, Oracle business management software

About the Author

Chris Versace, Chief Investment Officer
I'm the Chief Investment Officer of Tematica Research and editor of Tematica Investing newsletter. All of that capitalizes on my near 20 years in the investment industry, nearly all of it breaking down industries and recommending stocks. In that time, I've been ranked an All Star Analyst by Zacks Investment Research and my efforts in analyzing industries, companies and equities have been recognized by both Institutional Investor and Thomson Reuters’ StarMine Monitor. In my travels, I've covered cyclicals, tech and more, which gives me a different vantage point, one that uses not only an ecosystem or food chain perspective, but one that also examines demographics, economics, psychographics and more when formulating my investment views. The question I most often get is "Are you related to…."

Comments are closed.