Over 300 successful exploit attempts. That’s the worrying statistic from just one popular ERP system over a brief six-month period. It’s a statistic that should be ringing alarm bells for all CFOs. The time has come to ask yourself: Is my ERP system leaving me exposed to a dangerous security breach?
SAP is one of the world’s leading enterprise software developers. Its ERP platform enables customers to manage their business operations using a range of modules, including finance and accounting applications, through one fully-integrated environment.
The integrated nature of SAP’s software offerings enables smooth information flows between the various SAP modules. This allows organisations to achieve significant efficiencies, removing the need for redundant data entry. It also helps organisations maintain consistent controls.
However, with the benefits of a fully-integrated ERP platform come additional potential risks. Without the right internal segmentation in place, a breach in any one module can open the way for lateral movement that lets attackers access data across the entire platform.
This is a big concern when you consider that more than 400,000 organisations globally use SAP software. This includes 92% of the companies in the Forbes Global 2000, spanning a wide range of industries such as pharmaceuticals, critical infrastructure, utilities, food distribution, government agencies and more.
So, any breaches are likely to have widespread ramifications. That is why reports that cyber criminals are actively exploiting security vulnerabilities in SAP applications should be a wake-up call for all CFOs about potential vulnerabilities in fully-integrated ERP systems more generally.
The SAP ERP vulnerabilities show how cyber criminals are able to breach perimeter defences and then move laterally across applications. After gaining access, the attackers escalated their privileges to achieve complete access across the entire system.
This gave them full access to the ERP’s finance and accounting applications. With high-level access, it’s easy to see how financially motivated criminals could manipulate vendor banking data to carry out digital fraud.
This paved the way for adversaries to pursue a range of attack vectors, including:
For Accounts Payable (AP) teams at impacted organisations, the big risk is that the next time they pay an invoice to a supplier, the banking data in their ERP system or Vendor Master File may have been unknowingly manipulated.
This could see the organisation defrauded as funds would be paid directly to the attacker’s bank account.
You shouldn’t assume this problem is unique to SAP.
Reports of ERP breaches have been surfacing for some years. Past breaches have impacted other popular ERP systems, such as Oracle.
Some reports indicate that 64% of organisations using ERP platforms have been victims of cyber-attacks, with financial data targeted in 34% of cases. This clearly indicates that the attacks are often financially-motivated and that the perpetrators are seeking to carry out some form of digital fraud.
Clearly, CFOs need to coordinate closely with their organisation’s IT or security teams to make sure that all relevant patches for ERP systems are rolled out in a timely manner. And whilst patching is critically important, it alone is not guaranteed to prevent all breaches.
We know that cyber criminals are hunting for vulnerabilities in digital supply chains as a way to compromise those organisations holding valuable data assets. Few platforms in the digital supply chain can offer attackers as much access to potential targets as ERP systems.
This should be of concern to all CFOs.
Whilst you may not be able to prevent all attempted breaches through your organisation’s ERP system, you can take steps to reduce the risk of being defrauded.
With eftsure’s unique collaborative fraudtech solution, any time you need to pay a supplier invoice, the banking details will be cross-checked in real-time against an independently sourced and verified database of nearly 2 million Australian organisations.
This verification occurs right at the point of payment, giving you confidence that the banking details you’re using match the details used by others when paying the same supplier. This helps reduce the risk that cyber criminals have manipulated the supplier banking data held in your ERP or Vendor Master File.
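The point-of-payment cross-check described above, as an added example that is not eftsure’s own code: the bank details held in the ERP Vendor Master File are compared against an independently sourced set of details other payers have used for the same supplier, and the payment is held when they differ. The supplier ids, BSBs, account numbers and the shape of the reference data are all constructed for this illustration.

```python
"""Point-of-payment check of supplier bank details (constructed example)."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class BankDetails:
    bsb: str      # Australian BSB; six digits once normalised
    account: str  # account number; digits only once normalised


def normalise(raw: str) -> str:
    """Drop spaces and dashes so '062-000' and '062 000' compare equal."""
    return re.sub(r"[\s-]", "", raw)


def canonical(d: BankDetails) -> BankDetails:
    return BankDetails(normalise(d.bsb), normalise(d.account))


def verify_supplier_payment(vendor_id, erp_details, reference):
    """Return (status, reason); status is 'clear', 'hold' or 'unverified'.

    erp_details: what the Vendor Master File currently holds for this supplier.
    reference:   independently sourced details that other payers have used for
                 the same supplier (the data source itself is assumed here).
    """
    erp = canonical(erp_details)
    known = {canonical(d) for d in reference.get(vendor_id, ())}
    if not known:
        return "unverified", "no independent record for this supplier"
    if erp in known:
        return "clear", "ERP details match independently verified details"
    return "hold", "ERP details differ from what others pay this supplier"


def screen_payment_run(payments, vendor_master, reference):
    """Screen a batch of (vendor_id, amount); only 'clear' items are released."""
    released, held = [], []
    for vendor_id, amount in payments:
        status, reason = verify_supplier_payment(
            vendor_id, vendor_master[vendor_id], reference)
        bucket = released if status == "clear" else held
        bucket.append((vendor_id, amount, status, reason))
    return released, held


# Constructed sample data: V1002's ERP record has been altered, so it no longer
# matches the details independently observed for that supplier.
VENDOR_MASTER = {"V1001": BankDetails("062-000", "1234 5678"),
                 "V1002": BankDetails("033-000", "9999 0000")}
INDEPENDENT_REFERENCE = {"V1001": [BankDetails("062000", "12345678")],
                         "V1002": [BankDetails("033000", "11112222")]}
```

A held item is a prompt for out-of-band confirmation with the supplier before release, not proof of fraud; an 'unverified' supplier simply has no independent record to compare against yet.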
For a no-obligation demonstration of eftsure’s capacity to help you avoid digital fraud, contact us today.