BACKEND SYSTEMS
& DATABASES
7% more Security
Notes with respect to 2013, 46% of them critically + SAP HANA, mobile platforms
and SAP users targets of attacks in 2015 + SAP security can no longer be hidden
for longer - this is the conclusion of the SAP Security Advisories 2014 to 2015
the Onapsis published.
The expert team
of Onapsis Research Labs warns in his new Trend Report for SAP security against
the growing threat of SAP systems by threats such as Heartbleed, Shellshock,
Poodle and Zombie Zero. The analysis shows that 2014 has increased over the
previous year, the number of vulnerabilities and exploits that threaten the
security of SAP systems. Elaborate threats that target SAP systems with
business-critical applications take, even disproportionately strong. A special
focus on SAP HANA, mobile threats and directed to such attacks should be for
2015, which have the SAP user directly in his sights.
This year there
were 391 SAP Security Notes, of which 46 percent describe vulnerabilities with
high priority. The Onapsis Research Labs report that 44 of these weaknesses,
and 35 advisories SAP platform and related products concern, which form the
basis for CRM and ERP systems such as SAP HANA, Business Objects and SAP
Business Suite.
Organizations
using SAP Business Objects to track and analyze business performance and
reporting. SAP BASIS, however, is limited to the administrative functions and
processes within an SAP system, for example, the database, the supporting
architecture and user interface.
Complex attacks,
which offset the non-SAP security unrest related and affect SAP platforms.
Thus, the most critical threats Heartbleed (CVE-2014-0160), Shellshock
(CVE-2014-6271) Poodle (CVE-2014-3566) and malware like Zombie Zero. The
increase in the area of complex attacks continued in 2014 continued. This
includes also the frequent appearance of malware that is precisely aligned to
SAP systems - can spy about the Win32 / Gamker Trojan that SAPGUI client
Data must be
protected in the cloud and on terminals
"The
security industry has never been as complex as today. Starting next year, more
and more companies are revising their strategies and begin or continue their
processes to migrate to the cloud," said Ezequiel Gutesman, Director of
Research at Onapsis Research Labs. 2015 exploit vulnerabilities in key
platforms such as SAP HANA undoubtedly hackers. SAP HANA is a central element
of the SAP ecosystem. Therefore, the data stored in the SAP platform data must
be protected both in the cloud and on the access devices of end users. Risk
factors such as stored credentials and cached content therefore require special
attention. Given the evolution of the threat in the industry, we offer all SAP
users regularly Safety and recommend steps to protect their most critical
business data in the coming year."
No comments:
Post a Comment