Cryptomining poses a significant and expensive threat to cloud environments, with a single attack resulting in unauthorized compute costs amounting to hundreds of thousands of dollars within a matter of days. In fact, according to the Google Cybersecurity Action Team (GCAT) September 2022 Threat Horizons Report, a staggering 65% of compromised cloud accounts have fallen victim to cryptocurrency mining.
Google has made the detection and prevention of cryptomining attacks a key feature of Security Command Center Premium. To give our customers confidence in their ability to swiftly identify and halt such attacks, we are delighted to introduce the Cryptomining Protection Program. This initiative provides up to $1 million in financial coverage for unauthorized Google Cloud compute expenses incurred due to undetected cryptomining attacks, exclusively for Security Command Center Premium users.
Google Cloud is able to provide financial protection through Security Command Center Premium because it incorporates advanced detection capabilities within the Google Cloud infrastructure itself. To identify cryptomining attacks, Security Command Center effectively scans the memory of virtual machines for any presence of malware. The unique aspect of this approach is that it achieves detection without the need for agents, which can potentially hinder performance and create vulnerabilities in an organization's security defenses. By taking this approach, Google Cloud is able to identify and thwart attacks that may go unnoticed by other security tools that rely on analyzing cloud logs and data gathered from APIs.
The advanced capabilities of Security Command Center extend beyond detecting cryptomining attacks. It is also capable of identifying compromised identities, which are often the gateway for attackers to gain unauthorized access to cloud accounts and swiftly deploy cryptomining malware. By detecting these compromised identities, Security Command Center can proactively identify potential threats before adversaries have the chance to exploit the compromised information and initiate an attack. This comprehensive set of advanced detection capabilities for cryptomining is made possible by the integration of Security Command Center into the very fabric of the cloud infrastructure itself.
To participate in the Cryptomining Protection Program, Google Cloud customers using Security Command Center Premium must adhere to the program's terms and conditions, including following the Cryptomining Detection Best Practices. For additional information and eligibility criteria, please refer to the Cryptomining Protection Program Overview.
Google Cloud's approach to risk management aligns our fate with that of our customers when it comes to delivering optimum security outcomes on our platform. By equipping our customers with powerful, built-in tools to detect one of the most prevalent and expensive threats in cloud environments, we provide financial protection in the event that our efforts fall short.
"Cryptomining attacks continue to pose serious security and financial challenges for organizations lacking the necessary preventive controls and threat detection capabilities in their cloud environments. Google Cloud takes a significant step forward by offering integrated threat detection for unauthorized cryptomining, supported by real financial protection exclusively available to Security Command Center Premium users if an attacker manages to evade their detection defenses. This shared fate approach to cloud security instills confidence among enterprise buyers when transitioning to the cloud," said Philip Bues, IDC's research manager for cloud security.
To begin using Security Command Center Premium today, which includes our agentless cryptomining detection, visit the Google Cloud console. For more information about the Security Command Center Cryptomining Protection Program.
Visit our previous blog for more information: PROTECT YOURSELF AGAINST CRYPTOMINING THREATS WITH SECURITY COMMAND CENTER