Google Cloud Cryptomining Protection Program is part of the Security Command Center Premium service to help users detect cryptomining attacks. Credit: Pete Linforth Google Cloud has launched its Cryptomining Protection Program for Security Command Center (SCC) Premium customers with up to $1 million to cover unauthorized Google Cloud compute expenses associated with undetected cryptomining attacks. SCC Premium customers will have access to the new product for free. SCC Premium works with a pay-as-you-go pricing, and as one-year and multi-year fixed-price subscriptions. According to Google Cybersecurity Action Team (GCAT) September 2022 Threat Horizons Report, threat actors frequently targeted weak and default passwords to access Google Cloud accounts. Once inside the compromised cloud accounts, they performed cryptomining 65% of the time.“Security Command Center has rapidly become one of the most common tools for protecting Google Cloud environments,” Jess Leroy, senior director of product management, Google Cloud, tells CSO. “Fortune 10 companies through SMB organizations globally rely on Security Command Center Premium to protect their Google Cloud environments.”How Google Cloud’s Cryptomining Protection Program worksWhy is the Cryptomining Protection Program only available to SCC Premium? SCC Premium includes “comprehensive threat detection capabilities that are engineered into the Google Cloud infrastructure.” This includes cryptomining attack detection, the technology that underpins Google Cloud’s financial protection program. To detect such attacks, SCC Premium scans virtual machine memory for malware. The cloud provider says its approach enables it to detect attacks that could be missed by bolt-on security tools that rely on analysis of cloud logs and information gathered from APIs. The ultimate result would be Google identifying possible threats before they get explored. The full set of advanced detection capabilities for cryptomining can only be delivered by a product built into the cloud infrastructure.Another function of SCC Premium is to detect compromised identities, which are usually the entry point for attackers. It does this by detecting excessive failed attempts, anomalously long impersonation chains, dormant service account activity, and by using other functionalities. How the cover works and how to accessAll SCC Premium customers are eligible for this financial protection program as long as they follow the program terms and conditions including Cryptomining Detection Best Practices. “If Google or Security Command Center Premium fail to detect and notify the customer of a cryptomining attack in the customer’s compute engine VM environment, and the customer experiences compute engine costs resulting from the undetected attack, the customer can request cloud credits within 30 days from when the attack began to cover the unauthorized compute engine costs,” Leroy explains.Once a customer has raised the issue, Google will work with them to determine the compute engine costs incurred due to the cryptomining attack. The maximum number of credits issued under the program to any customer is up to US$1 million in any 12-month period. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe