Spyware, Ransomware and Worms. How to prevent the next SAP tragedy presented at 44CON 2019

by Jordan Santarsieri

Summary: It is no secret that SAP is a market leader and one of the principal software providers of core business applications around the world. Nearly 95% of the Fortune-500 companies rely heavily on SAP to perform their most critical daily operations, such as processing payroll and benefits, storing sensitive customer information, handling credit cards, logistics and many more.

Due to the “ERP Complexity of the simple things”, in combination with several proprietary protocols, entry points and default misconfigurations, ERPs are particularly vulnerable to Spyware, Ransomware and Worms, making them ideal targets for this type of attack due to the economic significance that these systems hold.

Join me in this completely new and highly technical talk, in which I’m going to explain through several live demos how the different types of malware could impact SAP and what actions you could take to prevent the next SAP tragedy.

As an added value, we will reveal for the first time our very own project “ARSAP”, a semi-automatic mechanism that detects and registers all the SAP systems that are exposed to the Internet, extracting each system’s metadata and cataloging the assets based on their geo-location, system type, version, installed components, etc.