Google Cloud on Monday unveiled Virtual Machine Threat Detection (VMTD), which will detect any malware that mines cryptocurrency on a compromised Cloud account. “VMTD is a first-to-market detection capability from a major cloud provider that provides agentless memory scanning to help detect threats like crypto-mining malware inside your virtual machines running in Google Cloud,” according to a blog post from Google.
This development comes after the company said in November that cyber criminals were hacking Google Cloud accounts to mine cryptocurrency. Google’s cloud service is one of the most popular remote storage systems, where the tech giant stores customers’ data and files on a remote server, which is technically capable of being used for crypto mining. Cryptocurrency mining requires high-powered computers that compete to solve complex mathematical puzzles, in a process that makes intensive use of computing power and electricity.
What is VMTD?
VMTD will be able to protect Google Cloud Platform customers against attacks such as data exfiltration and ransomware, the blog said. In terms of detecting crypto mining activities, VMTD will work without the need for additional software. The measure is being rolled out as a “public preview”, meaning that users are allowed to explore the feature and even send feedback on it. Google will integrate VMTD with other parts of its service over the next few months.
To enable VMTD on your Cloud, open the Settings page in Security Command Center. Click on “Manage Settings” under Virtual Machine Threat Detection. You can then select a scope for VMTD.
Interestingly, Google noted that of 50 percent of hacks of its cloud computing service, more than 80 percent were used to perform cryptocurrency mining. Cloud customers continue to face a variety of threats across applications and infrastructure, and many successful attacks are “due to poor hygiene and a lack of basic control implementation,” Google said in its blog post.
Additionally, 10 percent of compromised Cloud instances were used to conduct scans of other publicly available resources on the internet to identify vulnerable systems, and 8 percent of instances were used to attack other targets. “While data theft did not appear to be the objective of these compromises, it remains a risk associated with the cloud asset compromises as bad actors start performing multiple forms of abuse,” Google added.