Each year companies dedicate millions of dollars for IT and security budgets to prevent cyber security breaches. However, these budgets are only effective if part of the budget is allocated to preventing new and advanced threats, closing security gaps in your business infrastructure and monitoring the systems for intrusions and malicious activities.
We have all seen recent headlines and publications about the Anthem breach and its unprecedented number of 80 million affected customers. According to Anthem’s own FAQ page… “Anthem is doing everything it can to ensure there is no further vulnerability to its database warehouses” , and despite the magnitude of the situation, there are no additional details about the products that were compromised during the breach. The Onapsis Research Labs and Incident Response Teams have seen this type of breach before and most often we see that the database warehouses are compromised. This is not hard to do on an SAP system and typically, when organizations do not have the right security measures or controls in place, we have had to assist organizations on a massive scale clean up project.
SAP provides many solutions that are widely adopted for data warehousing, the most famous being SAP BW or SAP Business Warehouse. If you are an SAP customer, you are most likely running some type of SAP BI, BO or BW.
These solutions hold a centralized database of business data, as they receive information from many different business solutions, such as the ERP, CRM, SCM, HCM and SRM, to name a few. Therefore the information stored on these databases represents a high value asset, not only for the company, but also for potential attackers such as state-sponsored, competitors, former employees, criminal organizations, and more. Onapsis continuosly holds presentations about vulnerabilities and mitigations to attacks affecting SAP solutions, and last year we presented on vulnerabilities and attacks affecting business warehousing solutions .