Google Will Prevent Cryptojacking Attacks In The Cloud With This Feature
JAKARTA - Cryptojacking cases are currently on the rise, therefore Google Cloud has added a new security feature designed to hunt down such cases.
Cryptojacking is a type of cybercrime in which criminals secretly use the victim's computing power to generate cryptocurrency.
Not long ago, the technology giant from Silicon Valley, United States (US) said a public preview of Virtual Machine Threat Detection (VMTD) is now available at the Security Command Center (SCC).
SCC is a platform for detecting threats to cloud assets by scanning for security vulnerabilities and misconfigurations.
Product Manager at Google Cloud, Timothy Peacock explained that as organizations continue to migrate to the cloud, workloads are often handled with Virtual Machine (VM) based architectures.
The cloud environment is also a prime target for cyberattackers seeking valuable data, as well as those intending to execute cryptocurrency mining malware.
To combat cryptojacking attacks against VMs operating on Google Cloud, the company's VMTD solution will provide agentless memory scanning within SCC.
"Traditional endpoint security relies on deploying software agents within the guest virtual machine to collect signals and telemetry to inform runtime threat detection," Peacock said.
"But as is the case in many other areas of infrastructure security, cloud technology offers the ability to rethink existing models."
This Google approach instructs the hypervisor to collect signals that might indicate an infection.
Meanwhile, VMTD will start as a means to detect cryptocurrency mining, but as it is generally available, the system will integrate with other Google Cloud functions.
Users can choose to try VMTD by enabling it in SCC settings. The service is opt-in and the customer can choose the scanner coverage.
For example, cryptocurrency miners like XMRig are legitimate programs to mine coins. However, when in the hands of bad actors, they can be abused, and used without permission in cloud systems.
According to Google's latest Threat Horizons report, of the sample compromised instances, 86 percent was used for cryptocurrency mining and 10 percent was used to perform scans for other vulnerable instances.