Published in News

SAP and Oracle targeted by hackers

by on26 July 2018
SAP and Oracle targeted by hackers


Mostly exploiting a failure to patch

At least a dozen companies and government agencies have been targeted, and thousands more are exposed to data breaches by hackers exploiting old security flaws in Oracle and SAP management software, two cybersecurity firms and Homeland Security have warned.

Systems at two government agencies and firms in the media, energy and finance sectors were hit after failing to install patches or take other security measures advised by Oracle or SAP, security firms Onapsis and Digital Shadows said in the newly published report.

The alarm was raised because firms store highly sensitive data – including financial results, manufacturing secrets and credit card numbers – in the vulnerable products, known as enterprise resource planning (ERP) software and in related applications for managing customers, employees and suppliers.

In an alert entitled “Malicious cyber activity targeting ERP applications”, the Homeland Security’s National Cybersecurity and Communications Integration Center highlighted signs of increasing hacker focus on ERP applications, citing the study.

“An attacker can exploit these vulnerabilities to obtain access to sensitive information”, said NCCIC, an arm of the U.S. Computer Emergency Readiness Team (US-CERT).

An SAP spokesman said that, in general, the company takes security issues seriously across its organisation.

“Our recommendation to all of our customers is to implement SAP security patches as soon as they are available - typically on the second Tuesday of every month - to protect SAP infrastructure from attacks."

Oracle  did not say anything but both companies release regular patches to known security bugs in their software. However, customers are often reluctant to make fixes out of fear doing so might disrupt their manufacturing, sales or finance activities.

One of the highest profile attacks occurred in 2013 and 2014 when hackers used an SAP vulnerability to break into the U.S. Investigations Service, the largest commercial provider of background checks and security clearances for federal employees.

This year, hackers began exploiting a vulnerability in WebLogic servers which Oracle fixed last October. Their targets included attacking Oracle PeopleSoft ERP systems so as to make money from mining crypto currencies, the report said.

Digital Shadows combed through Google searches, social media chatter and the dark web where they found discussions in Chinese and Russian hacker forums regarding how to use specific SAP and Oracle vulnerabilities.

They also discovered some hackers were eavesdropping on discussion boards where third-party technology contractors share work tips, including default passwords that hackers can use to access some systems.

Hacker interest in how to exploit SAP and Oracle vulnerabilities spiked two years ago and jumped another 160 percent last year across Twitter, according to the study.

Last modified on 26 July 2018
Rate this item
(0 votes)
Tagged under
More in this category: « Qualcomm abandons NXP deal AMD announces its Q2 2018 financial results »
back to top

Most popular

Latest comments

Read more about: