Google Cloud Cryptomining Protection Program is part of the Security Command Center Premium service to help users detect cryptomining attacks. Credit: Pete Linforth Google Cloud has launched its Cryptomining Protection Program for Security Command Center (SCC) Premium customers with up to $1 million to cover unauthorized Google Cloud compute expenses associated with undetected cryptomining attacks. SCC Premium customers will have access to the new product for free. SCC Premium works with a pay-as-you-go pricing, and as one-year and multi-year fixed-price subscriptions. According to Google Cybersecurity Action Team (GCAT) September 2022 Threat Horizons Report, threat actors frequently targeted weak and default passwords to access Google Cloud accounts. Once inside the compromised cloud accounts, they performed cryptomining 65% of the time.“Security Command Center has rapidly become one of the most common tools for protecting Google Cloud environments,” Jess Leroy, senior director of product management, Google Cloud, tells CSO. “Fortune 10 companies through SMB organizations globally rely on Security Command Center Premium to protect their Google Cloud environments.” How Google Cloud’s Cryptomining Protection Program worksWhy is the Cryptomining Protection Program only available to SCC Premium? SCC Premium includes “comprehensive threat detection capabilities that are engineered into the Google Cloud infrastructure.” This includes cryptomining attack detection, the technology that underpins Google Cloud’s financial protection program. To detect such attacks, SCC Premium scans virtual machine memory for malware. The cloud provider says its approach enables it to detect attacks that could be missed by bolt-on security tools that rely on analysis of cloud logs and information gathered from APIs. The ultimate result would be Google identifying possible threats before they get explored. The full set of advanced detection capabilities for cryptomining can only be delivered by a product built into the cloud infrastructure.Another function of SCC Premium is to detect compromised identities, which are usually the entry point for attackers. It does this by detecting excessive failed attempts, anomalously long impersonation chains, dormant service account activity, and by using other functionalities. How the cover works and how to accessAll SCC Premium customers are eligible for this financial protection program as long as they follow the program terms and conditions including Cryptomining Detection Best Practices. “If Google or Security Command Center Premium fail to detect and notify the customer of a cryptomining attack in the customer’s compute engine VM environment, and the customer experiences compute engine costs resulting from the undetected attack, the customer can request cloud credits within 30 days from when the attack began to cover the unauthorized compute engine costs,” Leroy explains.Once a customer has raised the issue, Google will work with them to determine the compute engine costs incurred due to the cryptomining attack. The maximum number of credits issued under the program to any customer is up to US$1 million in any 12-month period. Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe