Holding 39% of the world market for client-server ERP systems, SAP continues to provide businesses with enterprise software for managing operations and customer relations. Despite the company’s success, the software corporation was breached six years ago by hackers. The initial attacks were intended to exploit a vulnerability and gain access to old SAP systems. In fact, a security researcher from Onapsis discovered that outdated or misconfigured SAP systems are still in use. In response to the threat reports, SAP released this statement: “All SAP applications released since then are free of this vulnerability.” Even though the company claimed to have fixed its security problems, tangible evidence showed that SAP systems are not being updated regularly. Furthermore, if the software is not properly patched, that lack of security gives outside attackers access to SAP systems.
SAP, Europe’s biggest software company, became vulnerable to numerous security gaps and outside cyberattacks. For instance, a security problem that was supposedly patched over five years ago has been used for the past three years to gain unauthorized access to the databases of big corporations. These issues are caused by the Invoker Servlet, a built-in function of SAP NetWeaver Application Server Java systems that does not require user authentication. Essentially, an attacker can bypass the authentication and authorization rules defined in the web.xml files of Java applications and gain full access to SAP platforms.
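To show why rules bound to url-patterns in web.xml do not protect a servlet that is reached through an invoker path, here is an added audit script (not SAP’s or US-CERT’s code) that parses a constructed web.xml and lists every servlet path that no security-constraint covers. It assumes the invoker convention `/servlet/<servlet-name or class>`, which the page does not spell out, and the sample descriptor is constructed for illustration; disabling the Invoker Servlet per SAP Security Note 1445998 remains the actual fix, this audit only makes the gap visible.

```python
"""Audit a web.xml: do its security constraints also cover invoker-style
paths (/servlet/<name>) that bypass the servlet's own url-pattern?"""
import xml.etree.ElementTree as ET
INVOKER_PREFIX = "/servlet/"  # assumed invoker path convention (not stated on the page)
# Constructed sample descriptor: the servlet is protected only on its mapped path.
SAMPLE_WEB_XML = """<web-app>
  <servlet><servlet-name>AdminServlet</servlet-name>
    <servlet-class>com.example.AdminServlet</servlet-class></servlet>
  <servlet-mapping><servlet-name>AdminServlet</servlet-name>
    <url-pattern>/admin/*</url-pattern></servlet-mapping>
  <security-constraint>
    <web-resource-collection><url-pattern>/admin/*</url-pattern></web-resource-collection>
    <auth-constraint><role-name>administrator</role-name></auth-constraint>
  </security-constraint>
</web-app>"""

def local(tag):
    """Strip a namespace prefix so namespaced and plain web.xml both parse."""
    return tag.rsplit("}", 1)[-1]

def pattern_matches(pattern, path):
    """Servlet-spec style matching: exact, path prefix (/x/*) or extension (*.ext)."""
    if pattern.endswith("/*"):
        prefix = pattern[:-2]
        return path == prefix or path.startswith(prefix + "/")
    if pattern.startswith("*."):
        return path.endswith(pattern[1:])
    return pattern == path

def audit(xml_text):
    """Return {servlet-name: [paths that no security-constraint covers]}."""
    root = ET.fromstring(xml_text)
    classes, mappings, protected = {}, {}, []
    for el in root.iter():
        kids = {local(k.tag): (k.text or "").strip() for k in el}
        if local(el.tag) == "servlet":
            classes[kids["servlet-name"]] = kids["servlet-class"]
        elif local(el.tag) == "servlet-mapping":
            mappings.setdefault(kids["servlet-name"], []).append(kids["url-pattern"])
        elif local(el.tag) == "security-constraint":
            protected += [(p.text or "").strip() for p in el.iter() if local(p.tag) == "url-pattern"]
    findings = {}
    for name, cls in classes.items():
        # Paths the servlet answers on: declared mappings plus invoker-style paths by name and class.
        candidates = mappings.get(name, []) + [INVOKER_PREFIX + name, INVOKER_PREFIX + cls]
        gaps = [p for p in candidates if not any(pattern_matches(c, p) for c in protected)]
        if gaps:
            findings[name] = gaps
    return findings
```

Running `audit(SAMPLE_WEB_XML)` reports the two invoker-style paths as unprotected even though `/admin/*` is locked to the administrator role.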
Years of damage showed a lack of awareness around how SAP systems must be protected and monitored. The prolonged issue exposed 36 organizations worldwide to an increased risk of malicious attacks. Despite the increased security risk, the amount of information stolen from SAP systems was difficult for experts to measure. Nonetheless, reports provided evidence that cyber-attackers gained access to USIS systems through an exploit in a system managed by a third party. The findings came from a variety of logs, including firewall, security event, VPN and SAP trace logs.
The U.S. Department of Homeland Security’s Computer Emergency Response Team (US-CERT) issued warnings about SAP’s ongoing security problem. They recommended following the directions in SAP Security Note 1445998 and disabling the Invoker Servlet. In addition, US-CERT encourages users and administrators to scan systems for all known vulnerabilities, monitor systems for suspicious behavior, and analyze security settings on a regular basis.
Security shortfalls and IT vulnerabilities keep emerging all the time. Because security threats and attacks happen every day, understanding system management should be a top priority. Ultimately, the responsibility to protect systems and keep them updated with security patches falls on the customers, not the software company. Improve your security posture against targeted attacks with a dedicated cyber security team. In fact, Threat Vector by The LCO Group defines comprehensive security baselines for systems. By taking our approach, we will provide your organization with top solutions that will reduce your cyber risk exposure – Guaranteed.