IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Google Cloud adds cryptomining protection following widespread exploitation

In nearly all cases of compromised Google Cloud instances, cryptomining malware was installed within 22 seconds

Google Cloud has launched a new threat detection solution for Google Cloud Platform (GCP) specifically designed to tackle the mounting cases of cryptomining malware operating through compromised cloud instances.

Google Cloud said the Virtual Machine Threat Detection (VMTD) is a first-to-market solution from a major cloud provider, now available in public preview as an added security layer within Security Command Center (SCC) Premium.

Virtual machine-based computing accounts for a significant portion of businesses' operations running in the cloud and according to a November 2021 threat intelligence report from Google Cloud, cryptomining activity was observed in 86% of all compromised GCP instances, making it the leading issue affecting Google Cloud customers.

The time it took for attackers to install this financially-motivated malware was quick, too, with more than half of cases (58%) seeing malware installed within just 22 seconds of compromising the platform.

Google Cloud said in most cases, this was due to exploitation of poor customer security practices or vulnerable third-party software. Leveraging the power of cloud computing can improve the efficiency of cryptomining malware due to its scalable nature, potentially raising monthly cloud bills for businesses by a large sum.

"The economy of scale enabled by the cloud can help fundamentally change the way security is executed for any business operating in today’s threat landscape," said Timothy Peacock, product manager at Google Cloud. "As more companies adopt cloud technologies, security solutions built into cloud platforms help address emerging threats for more and more organisations.

Related Resource

Secure hybrid cloud for dummies

Accelerate transformation with hybrid cloud

Whitepaper cover with cartoon man's face wearing glasses in yellow circle with blue, black and yellow colour block backgroundFree Download

"VMTD is one of the ways we protect our Google Cloud Platform customers against growing attacks like coin mining, data exfiltration, and ransomware," he added.

Now available in public preview, VMTD detects cryptomining attacks but as it moves closer towards general availability, Google Cloud said customers can expect to see a steady release of new detective capabilities that will integrate with other parts of GCP.

Google Cloud said VMTD complements the existing threat detection capabilities supplied by the existing Event Threat Detection and Container Threat Detection products, providing cover for compute while the others services areas like Kubernetes, identity, managed services, networking, and API.

Agentless approach

A diagram of how Google Cloud's VMTD works on a technical level

Google Cloud

Google Cloud's VMTD provides memory scanning for customers on an agentless basis, which means GCP users can expect a smaller performance impact, lowered operational burden, and a less-exposed attack surface.

This is unlike a traditional endpoint security model which involves running additional software inside virtual machines to gather signals and telemetry. Instead, Google Cloud said it 'instruments the hypervisor' - the underlying software that "orchestrates" its virtual machines - to include threat detection that's difficult to tamper with.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Cloud security market to hit $106 billion by 2029
cloud computing

Cloud security market to hit $106 billion by 2029

11 Apr 2022
Alkira offers Check Point CloudGuard Security to secure virtual cloud networks
Cloud

Alkira offers Check Point CloudGuard Security to secure virtual cloud networks

29 Sep 2021
Iboss protects web sessions with remote browser isolation
Cloud

Iboss protects web sessions with remote browser isolation

16 Aug 2021
Most CISOs worry cloud software flaws aren’t being caught
cloud security

Most CISOs worry cloud software flaws aren’t being caught

7 Jun 2021

Most Popular

Open source packages with millions of installs hacked to harvest AWS credentials
hacking

Open source packages with millions of installs hacked to harvest AWS credentials

24 May 2022
Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
Nvidia pauses hiring to help cope with inflation
Careers & training

Nvidia pauses hiring to help cope with inflation

23 May 2022