A general view of the headquarters of SAP AG in Walldorf, Germany. (Photo by Thomas Lohnes/Getty Images)

Multiple hackers are actively targeting SAP installations that have not updated in nearly a year or use poor account management. The warning, which came from the Department of Homeland Security, SAP and Onapsis, is based on research documenting activity in the wild.

"We want to really send a strong message to our customers around better managing the security of their systems, where they have not," said Tim McKnight, SAP chief security officer, in a briefing for reporters. "These are patched systems, these are things that have already been fixed. But we're concerned about customers that have not applied the fixes for months or years to date."

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.