← All talks

SAP's Security Flaw: Encryption Missing Since 1992! #shorts

BSides Frankfurt · 20261:04843 viewsPublished 2026-03Watch on YouTube ↗
Tags
CategoryTechnical
About this talk
SAP systems, running since the 90s, initially lacked encryption. This impacts secure access to vital data like medical records and financial systems, especially when systems go down. #SAP #Cybersecurity #DataSecurity #Encryption #TechHistory
Show transcript [en]

SAP has developed in 1992 and earlier with knowledge from IBM and well, it runs exactly the same like at that time. So, guess what was missing at that time. Correct encryption. So, by default, that stuff is missing. But, when you now look, those are proprietary protocols, user accessing your business data and business systems speaking to other systems. And that could be IoT, that could be another business system, that could be maybe a partner system, by the way, over the internet, that could be I don't know what else. And now, maybe you know where SAP is used. Your medical records in a hospital, when you come there and you have an accident, is in an SAP system.

And if you ever work, for example, in that environment or in a financial system, and you know when the SAP system's down, you're laying there, half dead, "Sorry, SAP's down, we cannot help you." It's secure, by the way.

Related talks

0:52
SAP Security: Reverse Engineering Protocols & Network Fun! #shorts
BSides Frankfurt · 2026
39:40
The Dark Side of Wireless Networks: Intro to Wi-Fi Hacking
BSides Prishtina
43:55
Metody pozostania w ukryciu w sieci i w terenie
BSides Warsaw
28:37
Elliptic Curve Cryptography for those who are afraid of maths
BSides London
45:24
It's the Little Things
BSides PDX · 2018
31:02
The Security Vulnerability Assessment Process, Best Practices & Challenges
BSides Delaware · 2012