Published on May 9th, 2015 📆 | 1779 Views ⚑0
Nearly 95% of SAP Systems Vulnerable to Hackers
- Pivots - Pivoting from a low to high integrity systems in order to execute remote function modules.
- Database Warehousing - Exploiting flaws in the SAP RFC Gateway to execute admin privilege commands in order to obtain or modify information in SAP databases.
- Portal Attacks - Creating J2EE backdoor accounts by exploiting vulnerabilities to gain access to SAP portals and other internal systems.
"The big surprise is that SAP cyber security is falling through the cracks at most companies due to a responsibility gap between the SAP operations team and the IT security team," Onapsis chief executive Mariano Nunez says. "The truth is that most patches applied are not security-related, are late or introduce further operational risk."
The Attack Vectors:
"This trend is not only continuing, but exacerbating with SAP HANA, which has brought a 450 percent increase in new security patches," Nunez says. "With SAP HANA positioned in the center of the SAP ecosystem, data stored in SAP platforms now must be protected both in the cloud and on-premise."
To prevent from hack:
- Businesses and companies should stay up-to-date with SAP Security Notes.
- Continually monitor your networks for security and compliance issues.
- Have both cyber security protection and risk management policies in the first place.