SAP software is used by enterprises to track and manage many business operations including manufacturing, human resources and sales. This means that SAP servers usually contain a lot of sensitive information like customer details, trade secrets, intellectual property or financial data, which can be valuable for attackers.
Depending on the permissions of the stolen SAP credentials, in addition to stealing data, attackers can set up rogue payments or disrupt business operations.
According to ERPScan, 86 percent of companies on the Forbes 500 list use SAP software.
To mitigate the damage caused by possible attacks on their SAP systems, companies should grant users the minimum access privileges required to do their jobs, implement two-factor authentication, run anti-malware programs and network intrusion detection systems, train their employees to avoid malware infections, and keep the software running on their workstations up to date, McDonald said.
"This trojan's targeting of businesses, as opposed to individuals, is an alarming move and we will be monitoring this for further developments to protect and inform our customers," he said.