Protecting your ERP system from cybersecurity breaches

By: SYSPRO on 15 June 2021

Protecting your ERP system from cybersecurity breaches

Cybercrime taps into the vulnerability of business systems and can pose a real threat to a robust supply chain. A sophisticated ransomware attack recently targeted the world’s largest meat processor. Following the business system breach, operations in the US and Australia were disrupted, resulting in a knock-on effect. The meat processor had no option but to shut down nine beef plants in the United States and several plants in Australia. Several truck drivers who specialise in hauling livestock also had no choice but to drive hundreds of miles to pick up cattle from an alternative supplier. For the end-consumer, the long-term impact of the cyber-attack could mean inflated meat prices.

Unfortunately, this is not the only instance of a cyber-attack on critical business. Earlier this year, a ransomware attack on the Colonial Pipeline, which provides nearly half the United States East Coast's fuel supply, resulted in gas and jet fuel shortages in the US. In this case, the hackers demanded $4 million in ransom. While the ransom was paid on the same day, and authorities have since been able to recover around $2.3 million in bitcoin paid in the Colonial Pipeline ransom, the pipeline was only able to function again after six days.

With increased reliance on digital tools, businesses are now understanding the importance of company-wide cybersecurity strategies that take into consideration all IT systems. For manufacturers and distributors, this includes your Enterprise Resource Planning (ERP) solution, as it integrates internal systems and integrates with external third-party systems.

ERP systems contain sensitive information ranging from supplier information on the creditor side and customer information on the debtor side. From a compliance perspective, this information needs to be carefully protected. There is no doubt that ERP is at the heart of the business and needs to be an integral part of the cybersecurity strategy of the organisation.

Your first line of defense starts with knowledge

To safeguard against cyber-attacks, manufacturers and distributors should watch out for a number of ‘social engineered' scams that try to exploit organisational weaknesses.

Distributed denial-of-service (DDoS) attacks seem to be amongst the most prevalent amongst ERP users. Here, cybercriminals target a public-facing endpoint, where a network resource is rendered unavailable to intended users.

Phishing is another example where criminals can exploit systems by sending emails that seem to be from trusted sources or companies. For example, an ERP customer would receive an email from their ERP vendor, often promising a reward or refund, to deceitfully obtain personal information, including passwords, identity number, banking login details.

Another example is pharming. Pharming is a cyber-attack intended to redirect a website's traffic to another, a fake site that aims to steal your information and money. In a pharming attack, the criminal hacks into the website you have opened and redirects you to an imposter site. Much like a phishing scam, many of us won't notice any difference in the rogue site and will enter our username and password, or credit information as usual. The attacker then intercepts the captured information.

Across all cyber-attacks, the one common denominator is the human factor. The risk lies from within a business, so manufacturers should consider a number of steps to safeguard their ERP investment.

Steps to guard your ERP system against possible risks

1. Don’t delay software updates

Security technologies are ever-evolving. What may be safe today, may not be safe tomorrow. Therefore, businesses need to protect their devices by installing the latest versions of any software – including the latest version of your ERP software. In addition to leveraging the latest features, newer software versions remove any vulnerabilities that may put a business at risk.

2. Consider access rights

For some, applying specific access rights across an organisation is an effort. In this scenario, most employees are given full access rights. The problem with this scenario is that it opens up more opportunities for cybercriminals to access sensitive information. Organisations should instead ensure that employees are provided with specific roles and form part of groups with associated security and clearance authorisations.

3. Choose a multi-factor authentication approach

One-factor authentication is archaic and involves a person who matches one credential to verify himself or herself online. This poses a real risk for businesses and a real opportunity for malicious users.
Instead, businesses today need to have an extra layer of security with two-factor or multi-factor authentication. Luckily, modern technology today does offer the option of single sign-on.

Rinse and repeat

Ultimately, a company’s cybersecurity is only as strong as its weakest link. Because the human factor can place your business at risk, a rinse and repeat approach should be taken around cybersecurity education. Staff need to be reminded not to open suspect emails, be wary of unexpected messages, and be reminded to change their passwords often. Education and awareness can strengthen this mindset and can protect your ERP solution from malicious intent.

By JP van Loggerenberg
Chief Technology Officer