Oracle CEO: I go through each day not wanting to get ‘the call’

Oracle CEO: I go through each day not wanting to get ‘the call’

“Virtually everyone” is trying to hack the company, says Mark Hurd

Everyone from bedroom hackers to nation states is trying to hack Oracle, its chief executive officer Mark Hurd has told Computerworld.

“As you can imagine I go through the day not wanting to have the call that somebody’s hacked us,” Hurd said at a media roundtable at the company’s OpenWorld conference in San Francisco last month.

Asked exactly who was attempting to breach the company’s cyber defences, Hurd said: “Virtually everyone; from someone that’s in their pyjamas in their basement, to a nation state.”

In recent years, determining the origins of attacks has become “much more difficult to deal with” if not impossible Hurd explained, due to a “blurring of the lines between good guys and bad guys”.

“It used to be we could see the metadata signature – if you went back four or five years ago – and say ‘ah that’s coming from these guys’. Now many people working for one actor in a nation state, have been recruited to another actor. They use the signatures from the place they came from but they’re actually employed somewhere else,” he said.

The landscape of malicious actors has changed considerably in the last few years Hurd added, and they posed a greater threat than ever before.

“We’re investing in the United States in aircraft carriers, and they’re expensive it turns out — turns out it costs $2.5 billion to build an aircraft carrier — but get 15 guys together and you can have a cyber squad, maybe just as dangerous if not more than an aircraft carrier,” he told Computerworld.

Patch already

It is not surprising that Oracle, and its products, are prime targets for hackers. The company has not always responded well to those trying to find gaps and bugs in its software.

In 2015, Oracle chief security officer Mary Ann Davidson posted a rant against customers “reverse engineering our code to attempt to find security vulnerabilities in it”. The post – which included the line “please comply with your license agreement and stop reverse engineering our code, already” – was up for less than 24 hours before it was deleted.

One of the biggest risks Oracle customers run around unwarranted access to their systems is a result of failing to patch in a timely fashion.

Oracle’s Enterprise Resource Planning (ERP) software, for example, “holds the crown jewels” for the thousands of businesses that use it. According to a July report from Digital Shadows and Onapsis, Oracle ERP vulnerabilities have been steadily growing in number over the last 10 years.

The report noted that “systems are often left unpatched for years in the name of operational availability”.

Transfer the risk

Oracle is hoping to fill those gaping holes with its new Autonomous Database product which uses machine learning to automatically upgrade, patch, and tune as it runs; and automates security updates with no downtime window required.

Not having to find appropriate times to implement patches is significant for businesses, Hurd said.

“It’s just limitless and it doesn’t take much to pull up a website and find out where the patches are, to find out what’s been patched and to know what the windows are, and if you’ve got a computer and your technically competent you’re in business,” he said.

Adoption of autonomous patching products like Autonomous Database “transfers the risk” to Oracle, Hurd explained.

“It’s not a great job when you’re a CEO, people write things about you and if you get hacked and you lose important data, particularly customer data this is very difficult. So I not only need to look for security I also need to offload the risk,” he said.

“The risk, and by the way the cost of the risk, transfers in some respects from the customer to us. Not all the risk because you selected us so you still have some risk in that process, but certainly less than what you had before.

"And we’re now going to take on the job of fighting the bad guys and in general we’re going to do that a whole lot better than any individual company’s going to,” Hurd said.

“It’s a big differentiator,” he added.


The author travelled to Oracle OpenWorld as a guest of Oracle.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags OracleERPdatabaseCEOopenworldlarry ellisonmark hurdautonomous database



Reseller News Platinum Club celebrates leading partners in 2019

Reseller News Platinum Club celebrates leading partners in 2019

The leading players of the New Zealand channel came together to celebrate a year of achievement at the annual Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months.

Reseller News Platinum Club celebrates leading partners in 2019
Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosted its second annual alumnae breakfast for the Women in ICT Awards in New Zealand, designed to showcase the leading female leaders in the industry. Held at The Cordis in Auckland, attendees came together to hear inspiring keynotes and panel discussions, alongside high-level networking among peers. Photos by Gino Demeer.

Reseller News hosts alumnae breakfast for Women in ICT Awards
Reseller News Innovation Awards 2019: meet the winners

Reseller News Innovation Awards 2019: meet the winners

Reseller News honoured the standout players of the New Zealand channel in front of more than 480 technology leaders in Auckland on 23 October, recognising the achievements of top partners, emerging entrants and innovative start-ups.

Reseller News Innovation Awards 2019: meet the winners
Show Comments