Google Cloud has launched its Cryptomining Protection Program for Security Command Center (SCC) Premium customers to protect them from unauthorized Google Cloud compute expenses associated with undetected cryptomining attacks. SCC Premium customers can access this new product for free with up to $1 million in coverage.
According to the September 2022 Threat Horizons Report by Google Cybersecurity Action Team (GCAT), weak and default passwords were frequently targeted by threat actors to access Google Cloud accounts. Once inside the compromised cloud accounts, they performed cryptomining 65% of the time.
Jess Leroy, senior director of product management, Google Cloud, said, “Security Command Center has rapidly become one of the most common tools for protecting Google Cloud environments. Fortune 10 companies through SMB organizations globally rely on Security Command Center Premium to protect their Google Cloud environments.”
SCC Premium includes “comprehensive threat detection capabilities that are engineered into the Google Cloud infrastructure.” This includes cryptomining attack detection, the technology that underpins Google Cloud’s financial protection program.
To detect such attacks, SCC Premium scans virtual machine memory for malware. The cloud provider says its approach enables it to detect attacks that could be missed by bolt-on security tools that rely on analysis of cloud logs and information gathered from APIs. The full set of advanced detection capabilities for cryptomining can only be delivered by a product built into the cloud infrastructure.
Another function of SCC Premium is to detect compromised identities, which are usually the entry point for attackers. It does this by detecting excessive failed attempts, anomalously long impersonation chains, dormant service account activity, and by using other functionalities.
All SCC Premium customers are eligible for this financial protection program as long as they follow the program terms and conditions including Cryptomining Detection Best Practices. If Google or Security Command Center Premium fail to detect and notify the customer of a cryptomining attack in the customer’s compute engine VM environment, and the customer experiences compute engine costs resulting from the undetected attack, the customer can request cloud credits within 30 days to cover the unauthorized compute engine costs. Once a customer has raised the issue, Google will work with them to determine the compute engine costs incurred due to the cryptomining attack. The maximum number of credits issued under the program to any customer is up to $1 million in any 12-month period.
Cryptomining is a relatively new and rapidly emerging threat to cloud infrastructures as it can result in high computing costs and damage to the cloud system. This program is expected to provide customers with a sense of security about their Google Cloud accounts and build trust in using cloud services.
Google is continuously improving its cloud capabilities and services. Recently, Google Cloud announced open-source code for its AI language model – LaMDA, which can create natural language conversations. Partnerships were also announced with data analysis software provider SAS and international multinational business services company DXC Technology to provide better cloud solutions to customers.
Thus, Google Cloud’s Cryptomining Protection Program is another significant step taken by the company towards providing a secure cloud environment to its customers and ensuring customer satisfaction.