Amsterdam, Netherlands – October 31, 2013 – ERPScan CTO Alexander Polyakov delivered a shocking presentation called “If I Want a Perfect Cyberweapon, I’ll Target ERP” at RSA Europe in Amsterdam. He presented the newest report by the ERPScan research center, dedicated to cyber-attacks and ERP systems.
The purpose of this annual report is to show a high-level overview of SAP security in figures so that the problem area is not just theoretically comprehensible but based on actual numbers and metrics – from the information about the number of found issues and their popularity to the number of vulnerable systems, all acquired as a result of a global scan.
I’m shocked, really, that this perfect weapon has not been made yet (or we just don’t know about it?). Everybody’s talking about attacks on critical infrastructure between countries, but big commercial companies have even more power: they can make their own corporate wars by industrial espionage. What can they target? Business applications like ERP/CRM systems storing all corporate data. Learn how.
Alexander also shared the discovery of a new SAP trojan by Dr. Web researchers in collaboration with ERPScan.
A new variant of the well-known Shiz remote access trojan (RAT) searches infected systems for the existence of SAP applications. Previous versions of the malware were designed simply to compromise Windows PCs with a remotely-accessible backdoor before stealing confidential data such as passwords and cryptographic certificates connected to online banking.
“All it does right now is to check which systems have SAP applications installed,” says Alexander Polyakov. “However, this might be the beginning for future attacks.”