February-03-2014 Webinar “If I want A Perfect Cyberweapon I’ll Target ERP” by Alexander Polyakov
This webinar was based on presentation made by Alexander Polyakov on RSA Conference 2013 in Amsterdam.
This presentation covered these hot topics:
The newest report by ERPScan research center, dedicated to cyber-attacks and ERP systems. The purpose of this report was to show a high-level overview of SAP security in figures so that the problem area is not just theoretically comprehensible but based on actual numbers and metrics – from the information about the number of found issues and their popularity to the number of vulnerable systems, all acquired as a result of a global scan.
On our webinar an SAP trojan also was shown which was found by Dr. Web researchers in collaboration with ERPScan.
This new variant of the well-known Shiz remote access trojan (RAT) searches infected systems for the existence of SAP applications. Previous versions of the malware were designed simply to compromise Windows PCs with a remotely-accessible backdoor before stealing confidential data such as passwords and cryptographic certificates connected to online banking.