An increasingly sophisticated cybercrime industry is launching a range of attacks aimed at organisations and critical infrastructure. Such attacks are growing in volume and sophistication, putting our collective economic recovery at risk at a time when organisations invest more heavily in digital technologies.
Global attacks on Internet of Things devices, for example, have risen 300% in 2019 alone, and cost organisations untold amounts of revenue and disruption to their business operations.
One study found that the average cost of cybercrime is $13-million per successful attack, a huge 72% increase over the past five years. The growing digitisation of industries across the region, and the increasing power of the tools at cybercriminals’ disposal, mean the cost of such attacks is likely to grow even further over the coming years.
In short, cyberattacks are posing an existential threat to the economic recovery of the West Africa region.
Cybercriminals set sights on oil and gas ‘whales’
The oil and gas sector is central to the economic fortunes of the West Africa region. In Nigeria alone, the sector accounts for 10% of GDP, and revenue from petroleum exports contribute 86% of total exports revenue.
Upstream revenue for oil and gas in the region is expected to register a compound annual growth rate (CAGR) of 6.7% between 2020 and 2025, while crude oil production could register a CAGR of 9.63% over the same period.
Worryingly, cyberattackers are ruthlessly targeted the global oil and gas sector. A 2017 study found that 68% of companies in the sector had experienced at least one compromise that had resulted in the loss of information or a disruption in their operations in the past year.
In a recent example, cybercriminals successfully shut down the Colonial Pipeline, effectively halting 50% of the supply of petrol and diesel to the US East Coast. In another example, ExxonMobil revealed it blocks more than 64 million emails, 139 million internet access attempts and 133 000 other potentially malicious actions every month.
The economic consequences of a successful cyberattack on this critical sector can be devastating to a region already suffering collateral damage from the pandemic. The situation calls for a radical rethink of how organisations across the region – and across industries – bolster their defences and protect against cyberattacks.
Attacks on ERP systems growing
As the nerve centre of modern intelligent enterprises, ERP systems are increasingly targeted by cybercriminals. Attackers know these systems run business-critical applications and house sensitive information, so any data breach could provide access to information they can later use in the service of a range of cybercrime activities.
As these systems increasingly shift to the cloud and integrate a growing suite of business applications, the opportunities for cyberattackers increase too.
The amount of transactional data in typical ERP systems, for example, represent a veritable gold mine to cybercriminals. So does the information about vendors, suppliers and partners – the more cybercriminals know about the internal operations of a business, the easier they will find vulnerabilities to exploit.
The Nigerian Data Protection Regulation, which was announced in 2019, is Nigeria’s most comprehensive data protection law and is set to transform how organisations collect and process data in the country. Organisations should look at shifting their attitudes to security and treat it as a critical business imperative for both compliance and better protection against attack.
Taking steps to securing West African enterprises
Integrating an Enterprise Threat Detection solution for example gives insight into suspicious activities in an organisation’s ERP and other business-critical applications. This allows organisations to identify breaches as they occur and react in real time to neutralise any dangers.
A real-time data platform can help efficiently analyse and correlate log data to help security teams understand what happened within an application, database, operating system or network component, and improve how the organisation scouts for cyberattacks across its most valuable IT assets.
The importance of ERP systems to the effective running of West African enterprises makes them prime targets for cyberattacks. SAP has worked with enterprise security leaders around the world to develop tools that seamlessly integrate with ERP systems and help protect an organisation’s critical data assets from cyberattacks and data breaches.
Organisations across the region need to recognise the threat that cybercrime poses to their operations, their reputations, their employees and their partners. Business leaders, their security teams and their technology partners need to urgently implement new controls or risk becoming the latest victim in a rising tide of highly damaging – and increasingly sophisticated – cybercrime.
Visit the SAP News Center. Follow SAP on Twitter at @SAPNews.
About SAP
SAP’s strategy is to help every business run as an intelligent enterprise. As a market leader in enterprise application software, we help companies of all sizes and in all industries run at their best: 77% of the world’s transaction revenue touches an SAP® system. Our machine learning, Internet of Things (IoT), and advanced analytics technologies help turn customers’ businesses into intelligent enterprises. SAP helps give people and organizations deep business insight and fosters collaboration that helps them stay ahead of their competition. We simplify technology for companies so they can consume our software the way they want – without disruption. Our end-to-end suite of applications and services enables business and public customers across 25 industries globally to operate profitably, adapt continuously, and make a difference. With a global network of customers, partners, employees, and thought leaders, SAP helps the world run better and improve people’s lives. For more information, visit www.sap.com.
# # #
Any statements contained in this document that are not historical facts are forward-looking statements as defined in the U.S. Private Securities Litigation Reform Act of 1995. Words such as “anticipate,” “believe,” “estimate,” “expect,” “forecast,” “intend,” “may,” “plan,” “project,” “predict,” “should” and “will” and similar expressions as they relate to SAP are intended to identify such forward-looking statements. SAP undertakes no obligation to publicly update or revise any forward-looking statements. All forward-looking statements are subject to various risks and uncertainties that could cause actual results to differ materially from expectations. The factors that could affect SAP’s future financial results are discussed more fully in SAP’s filings with the U.S. Securities and Exchange Commission (“SEC”), including SAP’s most recent Annual Report on Form 20-F filed with the SEC. Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of their dates.
© 2020 SAP SE. All rights reserved.
SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP SE in Germany and other countries. Please see https://www.sap.com/copyright for additional trademark information and notices.
Note to editors:
To preview and download broadcast-standard stock footage and press photos digitally, please visit www.sap.com/photos. On this platform, you can find high resolution material for your media channels. To view video stories on diverse topics, visit www.sap-tv.com. From this site, you can embed videos into your own Web pages, share video via email links, and subscribe to RSS feeds from SAP TV.
For customers interested in learning more about SAP products:
Global Customer Center: +49 180 534-34-24
United States Only: 1 (800) 872-1SAP (1-800-872-1727)
For more information, press only:
Delia Sieff, SAP Africa, +27 (11) 235 6000, delia.sieff@sap.com
Adam Hunter, SAP Africa, +27 (711) 787 035, adam.hunter@sap.com