
 

Recent major cyber-attack on the cloud

 

While planning this article on cloud security, a key question struck me: what is the most recent major cyber-attack on the cloud? My search led me to an alarming breach involving Oracle Cloud... A threat actor named rose87168 stole 6 million records from Oracle Cloud’s SSO and LDAP.

It is a huge database which includes:

  • JKS files,
  • encrypted SSO passwords,
  • key files,
  • enterprise manager JPS keys.

 

Over 140,000 tenants have been affected by the breach. The threat actor, rose87168, is now urging companies to reach out and pay a specific “fee” in exchange for the removal of their stolen data.

He also created an account on X (formerly Twitter) and started following Oracle-related accounts. According to rose87168, he had also helped the Oracle security team fix the security issues and wanted 20 million in return, but they ignored him. Here are some X (Twitter) messages shared by the threat actor.

I dug deeper and came across an interesting document. In connection with this data breach, a victim named 'Michael Toikach' has filed a lawsuit against Oracle Corporation. Here are some key highlights from the case.

 

Insights from over 800 cloud and cybersecurity professionals

When a data breach occurs, it can be a costly affair—not just for organizations, but for individuals as well. It brings a host of damaging consequences. So far, I’ve shared just one example of a cloud-based cyber-attack. To better understand the scale and seriousness of the issue, let’s look at some revealing data from the Check Point 2024 Cloud Security Report.

This report sheds light on the growing concerns and shifting priorities in cloud security. The insights presented in the report were gathered from over 800 cloud and cybersecurity professionals.

 

The survey explores:

  • The current state of cloud security,
  • The effectiveness of existing security measures, and
  • The adoption of advanced security solutions.

Security Incidents on the Rise

Cloud-related security breaches are increasing at an alarming rate. When organizations were asked, “Has your organization experienced any security incidents related to public cloud usage in the past 12 months?” — the responses were eye-opening.

In 2024 alone, 61% of organizations reported at least one cloud security incident, more than double the 24% reported in 2023. This dramatic surge highlights the growing risks associated with cloud environments and the urgent need for stronger security measures.

This sharp spike clearly signals that cloud environments are becoming increasingly vulnerable. It’s no longer just a warning—it’s a wake-up call for anyone relying on cloud infrastructure.

 

By now, you probably have a good idea of how massive this issue really is. So let’s explore what it takes to secure the cloud.

The three pillars of cloud security

 

When it comes to keeping your cloud environment safe, there are three essential pillars to focus on:

  • Confidentiality,
  • Integrity, and
  • Availability.

 

These are the building blocks of all cloud security strategies. But here’s the important part: security in the cloud is a shared job. It’s not just the provider’s responsibility—you, as the user, play a crucial role too. You may wonder: if these three principles apply everywhere, what is so special about cloud security?

 

Why Traditional Cyber Defenses No Longer Work in the Cloud

 

As more than 90% of organizations embrace cloud computing, one truth becomes undeniable: traditional cybersecurity no longer fits this new reality.

The cloud isn’t just a different location—it’s a different way of operating. Dynamic workloads, ephemeral devices, and distributed architectures have changed the game. This shift demands more than just updated tools—it requires a complete realignment of people, processes, and technology.

From bridging the skill gap between legacy and cloud-native teams, to overhauling security processes for fluid environments, to replacing fragmented tools with platforms purpose-built for the cloud—every layer of cybersecurity must evolve.

 

Adapting cybersecurity to the cloud isn’t just a tech decision—it’s a strategic shift. It starts with your people, expands through your processes, and is realized through the technology you choose.

In the cloud world, speed and innovation are great—but they also open the door to new risks.

Long-term success in the cloud depends on a comprehensive security approach embedded throughout the entire organization, from the core infrastructure to user practices.

Let’s explore how.

 

🔹 People: Bridging the Cloud Skills Gap

Many cybersecurity teams were built for static, on-prem environments. But the cloud operates on agility and scale—and that calls for a different skill set. There's a growing gap between traditional cybersecurity professionals and the cloud-native expertise that modern environments demand.

To address this, organizations need to recruit specialized cloud security professionals and invest in continuous upskilling. Cloud-native training programs and certifications are essential to prepare existing teams for the complexities of platforms like AWS, Azure, and GCP.

🔹 Process: Adapting to Cloud-Native Risk

In the cloud, risks evolve with the speed of deployment. Devices and services are ephemeral, IP addresses shift, and configurations can change by the hour. Security cannot remain siloed or reactive.

Modern organizations must enable cross-functional collaboration between developers, security teams, and cloud providers. Understanding the shared responsibility model and building security into DevOps (DevSecOps) processes is essential. It’s not just about securing workloads—it’s about embedding security at every step of development and deployment.

🔹 Technology: Outgrowing Legacy Tools

The cloud is massive, fast-moving, and deeply complex—hundreds of services, multiple architectures, and continuous change. Traditional security tools are often narrow in scope—focusing on just one part of the ecosystem, such as container scanning or CSPM (Cloud Security Posture Management).

But today’s challenges require cloud-native platforms that deliver end-to-end visibility, real-time detection, and smart automation—all in one place.

 


 

Cloud Security Risks and Threats: Intrinsic vs. Extrinsic

When evaluating cloud security, it’s helpful to classify risks into two broad categories: intrinsic and extrinsic threats. This distinction allows organizations to determine whether the risk stems from the fundamental nature of cloud computing or from external actors and systems.

Understanding and addressing both intrinsic and extrinsic risks is crucial for building a resilient cloud security strategy. By clearly defining these categories, organizations can better align their defenses, focus remediation efforts, and strengthen collaboration across IT, DevOps, and security teams. Now let’s see which threats fall under each category…

 

🔐 Intrinsic Cloud Security Risks

These are threats that are inherent to the cloud computing model itself—arising from how cloud systems are designed, deployed, and operated. Examples of such threats include:

  • Insecure Interfaces and APIs
    Cloud providers offer APIs and interfaces to manage resources. If these aren’t properly secured, attackers can exploit them to gain unauthorized access or manipulate services.
  • Lack of Visibility
    Organizations may struggle to gain full visibility into their cloud environments, making it difficult to detect anomalies, misconfigurations, or breaches in real time.
  • Multi-Tenancy Risks
    Since cloud platforms often host multiple customers on shared infrastructure, one tenant’s compromise can potentially affect others, introducing cross-tenant risks.
  • System Vulnerabilities
    Unpatched or outdated software components within cloud infrastructure can leave systems exposed to exploitation.
  • Confusing Shared Responsibility Model
    Security responsibilities in the cloud are split between providers and customers. Misunderstanding these boundaries can create critical security gaps.

 

🌍 Extrinsic Cloud Security Risks

These threats originate from external sources such as users, attackers, or third-party systems interacting with the cloud environment.

  • Misconfigurations
    Often resulting from human error or lack of understanding, misconfigured storage, permissions, or network settings are among the top causes of cloud breaches.
  • Phishing and Account Hijacking
    Attackers use phishing tactics to steal user credentials. Once compromised, these accounts can be used to manipulate data, deploy malicious services, or exfiltrate information.
  • Malware and Ransomware Attacks
    Malware can infect cloud-hosted VMs and containers, leading to data breaches, resource hijacking (e.g., cryptomining), or operational disruption.
  • Zero-Day and Supply Chain Attacks
    Zero-day vulnerabilities exploit flaws before developers can patch them, while supply chain attacks target vulnerabilities in third-party software or vendors used in cloud environments.
  • Insider Threats
    Malicious insiders—employees or contractors—can abuse access to steal data or disrupt services, often going undetected due to privileged credentials.

 

Now that we have an idea of cloud-related risks and threats, let’s see how to build a strong cloud security strategy…

 

🔐 Stop Chasing Threats—Start Preventing Them with 3 Best Practices for Building a Robust Cloud Security Strategy

As cloud environments grow more complex and threat surfaces expand, we need security at multiple levels, such as CloudSec, AppSec, and SecOps, and the respective teams must evolve their strategies accordingly. Cloud security is not only a matter of using some tools. It calls for a clear, collaborative, and forward-thinking approach.

 

Here are three proven best practices to help organizations strengthen their cloud security posture:

1. Align Security Objectives with Business Goals

Security initiatives often face resistance when they’re seen as cost centers or blockers to innovation. The key to gaining organizational support is aligning security strategies with tangible business outcomes. The reason is simple: every business wants to make a profit, and every resource should be used to achieve the business objective, whatever it is.

To build internal buy-in:

  • Clearly link security efforts to outcomes like customer trust, regulatory compliance, resilience to downtime, and faster innovation.
  • Foster continuous communication between security leaders and business stakeholders to reinforce shared priorities.

 

2. Integrate Security into the DevOps Pipeline

It is a matter of adopting a security mindset from the very start. Security shouldn’t wait until after deployment—it should be part of the software delivery lifecycle.

By integrating cloud security into DevOps practices, organizations can identify and mitigate risks earlier, with minimal impact on agility and release speed.

Here’s how DevOps and security teams can collaborate:

  • Reduce open security tickets
    Embed security tools in CI/CD pipelines to detect vulnerabilities automatically during code reviews and testing.
  • Minimize time-to-deploy
    Automated security checks can speed up deployment while reducing risks—giving both teams time back without compromising quality.
  • Shift security left
    Bring security into the early stages of development; this is the “shift-left” approach. Security cannot be a blocker: when it is embedded from day one, it becomes an enabler—not an obstacle—for growth. This move not only improves security posture but also accelerates delivery and boosts compliance. Organizations adopting DevSecOps can experience this transformation by empowering teams to build secure-by-design systems from the start.
  • Address security risks before release
    Fixing issues before release lowers post-deployment incidents and patching efforts.
  • Improve time-to-remediate
    Track remediation timelines and analyze cross-functional collaboration to reduce the turnaround on fixes.
  • Lower audit and test failure rates
    Build a culture of shared security ownership to reduce finger-pointing and instead focus on proactive prevention.

With integrated pipelines and shared goals, security becomes a natural part of development—supporting speed without sacrificing safety.
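The two ideas above that are most often left abstract are “embed security tools in CI/CD pipelines” and the misconfiguration risk listed earlier (public storage, over-broad permissions, open network settings). The following Python script is an added example, not the article’s or any cloud vendor’s code, showing what a minimal policy-as-code gate looks like in practice: it parses a planned configuration, applies a few checks, and exits non-zero so the pipeline stage fails. The JSON resource shape, the resource names and the checks are constructed for illustration and do not follow any real provider’s schema.

```python
"""
Minimal policy-as-code check for a planned cloud configuration, meant to
run as a CI/CD step so that common misconfigurations (public storage,
wildcard IAM permissions, unrestricted network ingress) are caught before
anything is deployed.

Added example for illustration; the resource format is a constructed,
simplified JSON shape, not a real cloud provider's schema.
"""
import json
import sys

# Constructed sample input: what a pipeline might emit from
# infrastructure-as-code before applying it. Three of the four resources
# carry a misconfiguration; "app-logs" is configured correctly.
SAMPLE_CONFIG = """
[
  {"type": "storage_bucket", "name": "customer-exports",
   "acl": "public-read", "encryption": false},
  {"type": "iam_policy", "name": "ci-deployer",
   "statements": [{"effect": "Allow", "action": "*", "resource": "*"}]},
  {"type": "security_group", "name": "db-sg",
   "ingress": [{"port": 5432, "cidr": "0.0.0.0/0"}]},
  {"type": "storage_bucket", "name": "app-logs",
   "acl": "private", "encryption": true}
]
"""


def check_storage(res):
    """Flag buckets that are not private or lack encryption at rest."""
    findings = []
    if res.get("acl", "private") != "private":
        findings.append(f"{res['name']}: storage ACL is '{res['acl']}' (should be private)")
    if not res.get("encryption", False):
        findings.append(f"{res['name']}: encryption at rest is disabled")
    return findings


def check_iam(res):
    """Flag Allow statements that grant every action on every resource."""
    findings = []
    for st in res.get("statements", []):
        if (st.get("effect") == "Allow" and st.get("action") == "*"
                and st.get("resource") == "*"):
            findings.append(f"{res['name']}: IAM policy allows all actions on all resources")
    return findings


def check_security_group(res):
    """Flag ingress rules open to the whole internet (IPv4 or IPv6)."""
    findings = []
    for rule in res.get("ingress", []):
        if rule.get("cidr") in ("0.0.0.0/0", "::/0"):
            findings.append(f"{res['name']}: ingress port {rule.get('port')} open to the internet")
    return findings


# Dispatch table: resource type -> check function. Unknown types are skipped.
CHECKS = {
    "storage_bucket": check_storage,
    "iam_policy": check_iam,
    "security_group": check_security_group,
}


def audit(config_json):
    """Return a list of finding strings for every resource in the JSON array."""
    findings = []
    for res in json.loads(config_json):
        checker = CHECKS.get(res.get("type"))
        if checker:
            findings.extend(checker(res))
    return findings


def main(argv):
    # Read the planned configuration from a file path if given, else use
    # the constructed sample so the script runs stand-alone.
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            text = fh.read()
    else:
        text = SAMPLE_CONFIG
    findings = audit(text)
    for f in findings:
        print("FAIL", f)
    # A non-zero exit status is what makes the CI/CD stage fail.
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as a pipeline step (for example `python check_config.py plan.json` after the IaC plan is generated); any finding fails the stage, so a public bucket or a database port open to the internet never reaches deployment. A real pipeline would use a provider-aware scanner, but the shape is the same: parse the planned configuration, apply policy, and fail early rather than after release.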

 

3. Build a Culture of Security Awareness and Empowerment

Technology can’t do it alone. A secure cloud environment requires the knowledge, habits, and vigilance of everyone involved.

Organizations must:

  • Offer continuous training for CloudSec, AppSec, and SecOps teams to keep up with evolving threats.
  • Conduct security awareness programs for all employees, emphasizing risks like phishing, credential misuse, and cloud misconfigurations.

But training doesn’t have to be dry or obligatory.

You can build engaging, self-sustaining security programs by:

  • Creating team-specific ownership for secure practices.
  • Gamifying learning with real-world simulations—like live phishing tests or cloud attack emulations.
  • Exploring current challenges, such as how third-party AI tools may introduce new vulnerabilities.

A culture that rewards curiosity, ownership, and responsibility will naturally lead to smarter, safer behaviors—turning your people into your strongest defense.

 

Summary

Cloud adoption by organizations is increasing rapidly, yet most organizations are overlooking the threats to the cloud. For hackers this is a huge opportunity. For cloud users, securing cloud resources demands a different approach.

 

Kindly write your comments 💚 on the posts or topics, because when you do that you help me greatly in ✍️ designing new quality articles and posts on cybersecurity.
 
You can also share with all of us if the information shared here helps you in some manner.
 
Life is small and make the most of it!
Also take care of yourself and your beloved ones…
 
With thanks,
Meena R.
____

This article was written and published by Meena R, Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India.

Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...

She is so passionate about the cybersecurity domain that she goes out of her way to share hugely valuable posts and writings about cybersecurity on the website and on social media platforms.

34,000+ professionals are following her on Facebook and are impressed by the quality of her posts.

If you haven't yet been touched by her enthusiastic work of sharing quality info about Cybersecurity, then click here to follow her on Facebook: Cybersecurity PRISM 

 
