Contact us today.

Subscribe me to your mailing list

Default password

Chinese attack on USIS using SAP vulnerability – Detailed review and comments

On 11th of May, a security headline broke the news about the USIS cyber attack (U.S. Investigations Services) potentially conducted by Chinese state-sponsored hackers via a vulnerability in SAP Software. Hackers broke into third-party software in 2013 to open personal records of federal employees and contractors with access to classified intelligence, according to the government’s largest private employee investigation provider [1].

USIS is a federal contractor which conducts background checks for DHS – the largest commercial provider of background investigations to the federal government. It has more than 5,700 employees providing services in all 50 states of the U.S. territories and overseas. As the result of the breach, more than 27,000 personnel seeking security clearances were compromised. Similar hacks also affected servers at the Office of Personnel Management (OPM), which holds information on security clearance investigations. Once hackers have a list of employees who possess government security clearances, they can exploit other aspects of those employees’ lives for further malicious gain.

Within a couple of hours after information that it was an SAP vulnerability we contacted with journalists of DarkReading and gave them feedback and some comments.

Now we sharing all comments that were prepared as well as additional research conducted by us, to tell you what can be the next steps for organizations to secure their systems and prevent these attacks.

Below you can find the timeline of this attack investigation, the collection of historical facts from different resources, and our comments on the topic.

Read more..

SAP NetWeaver ABAP security configuration. Part 3: Default passwords for access to the application

For the two previous weeks we’ve been discussing the top-9 critical areas and the 33 steps to be taken for security assessment. Ultimately, we’ve covered patch management flaws – the first critical category in our list. As you should have probably guessed, today it’s time we take a closer look at the next item from our list of critical issues – default passwords.
Read more..