The National Cybersecurity and Communications Integration Center, which is part of the U.S. Department of Homeland Security, issued an alert on July 25 warning IT administrators about malicious cyberattacks targeting enterprise resource planning applications.
The NCCIC encouraged users and administrators of various enterprise resource planning applications to review a recent report from cybersecurity company Digital Shadows and application security company Onapsis, which found that cyberattackers are increasingly exploiting vulnerabilities in these systems.
The cyberattacks identified by Digital Shadows and Onapsis tended to target applications from Oracle and SAP.
ERP applications typically help organizations manage business processes, such as supply chain, finance, human resources and customer relations. By exploiting vulnerabilities in these systems, a cyberattacker could obtain access to various types of sensitive information, according to the report.
To access the NCCIC's alert, click here.