The new reality with more people working from home, is that security remains a challenge. As mentioned in one of our recent blog posts SAP systems are also affected by the rise in cybercrime. But how can attackers actually exploit the fact that employees access their SAP systems from within their home network rather than in a controlled office environment?
In our webinar on May 7th, we showcased a potential attack on an SAP system, using techniques which are common tools among hackers. Using a password spray attack, we first tried to gain access to the system and subsequently extracted the password hashes of all users. As mentioned, these kinds of attacks are well-known hacking techniques. For SAP, however, even though these attacks leave traces, those traces are hard to detect with the standard tools available in SAP.
In the webinar we demonstrated a solution to this, showing how these traces can be detected in real-time, and what steps should be taken to secure your SAP system.