Learn, hack!

URL

https://media.blackhat.com/bh-us-10/whitepapers/Di_Croce/BlackHat-USA-2010-Di-Croce-SAP-Backdoors-wp.pdf

File name

BlackHat-USA-2010-Di-Croce-SAP-Backdoors-wp.pdf

File size

314.2 KB

MD5

7912c76f42cffd26f6e292809e6fb5eb

SHA1

70e2350d36c541fd4b846f3f828a45d4e013aba2

In any company, the ERP (Enterprise Resource Planning) is the heart of the business technological platform. These systems handle the key business processes of the organization, such as procurement, invoicing, human resources management, billing, stock management and financial planning. Among all the ERPs, SAP is by far the most widely deployed one, having more than 90.000 customers in more than 120 countries and running in Fortune 100 companies, governmental and defense organizations. The information stored in these systems is of absolute importance to the company, which unauthorized manipulation would result in big economic losses and loss of reputation. This talk will present an old concept applied to a new paradigm: SAP Backdoors. We will discuss different novel techniques that can be deployed by malicious intruders in order to create and install backdoors in SAP systems, allowing them to retain access or install malicious components that would result in imperceptible-and-ongoing financial frauds. After the description of these techniques, we will present the countermeasures that should be applied in order to avoid these attacks and protect the business information, effectively reducing financial fraud risks and enforcing compliance. Furthermore, we will release a new Onapsis free tool that will help security managers to automatically detect unauthorized modifications to SAP systems. Is your SAP backdoored? If your answer is "I don’t know," you may consider attending to this talk.