March-19-20-2015 talk on Troopers15, Heidelberg, Germany “Hacking Fortune 2000th CEO’s mobile: Security of SAP Mobile infrastructure” by Dimitry Chastuhin
Heidelberg, Germany – March 19, 2015 Dmitry Chastuhin delivered a presentation titled “Hacking Fortune 2000th CEO’s mobile: Security of SAP Mobile infrastructure”.
Have you ever thought how to get access to most influential data stored on a Fortune 2000 CEO’s mobile phone and rule the world? Today, we are witnessing unprecedented number of Mobile devices being integrated into the core business processes of companies and actively being accessed by top Executives to manage them remotely. Another aspect being the level of access, even if mobile access for a typical middle-level employee is restricted or limited, CEOs can do everything! There are more and more business applications and an increasing number of mobile devices out there. The “mobilization” of enterprises also forces the advent of evils associated with integration and security. You might hear of many talks regarding mobile security but never has anything significant related to an SAP Mobile ecosystem been spoken on before. These systems access essential functions of a large enterprise, which in turn often deploy a plethora of business systems and heterogeneous fleet of devices. Essentially, Information needs to be transmitted quickly and safely. The SAP’s best-known software products are its enterprise resource planning, CRM and BW applications that are deployed in almost all companies in the Forbes Global 2000 list. You already hear a lot about vulnerabilities in different SAP’s platforms and now the new emerging scenario dictates that even their Mobile infrastructure needs to be paid a closed attention. It consists of multiple systems such as SAP Mobile Platform (Formerly Sybase Unwired Platform) also SAP Afaria MDM solution, Sybase SQL Anywhere Database and hundreds of SAP’s mobile applications. They even have their own store for mobile apps that can be developed by third parties. This talk is an attempt to highlight how one can hack SAP Mobile.
The eighth edition of the one of the most significant IT-Security Conferences, where the world’s leading IT-Security experts and Hackers present their latest research took place on March 19th – 20th 2015 in Heidelberg, Germany.
Troopers provides a networking platform for Security interested people from all over the world and gives an opportunity to experts from the industry, academia and the research community to exchange knowledge and talk about their work. Troopers event is famous for their main interest lying in the area of high-end workshops with hands-on experiences and most importantly real answers and practical benefits from the up-to-date experience.
Troopers 2015 will take part in Heidelberg, not far from SAP main Headquarters. Troopers were one of the first global IT events where ERPScan made its first steps of becoming a worldwide recognised product in 2010.