Bitrabo Editorial
Google Cloud recently unveiled its latest capability in risk management and Security Command Center Premium service when it comes to identifying and preventing cryptomining scams. The company has strong confidence in its ability to thwart this insidious threat to protect its valued customers and pledged to reimburse up to $1 million for unauthorized Google Cloud compute expenses through the Cryptomining Protection Program.
This move showcases Google’s commitment to its clients’ security and emphasizes its dedication to go above and beyond when it comes to safeguarding their interests.
Google Cloud’s Proactive Measures to Safeguard Assets
This step taken by Google Cloud is a significant stride forward in cloud security, demonstrating the commitment to strengthen customers’ defenses against cyber threats. According to Philip Bues, a renowned cloud security expert representing market research firm IDC, who lauded Google Cloud’s $1 million crypto mining attack protection, it is a significant advancement in the field. He highlighted the significant consequences that organizations face when they lack the necessary preventative controls and threat detection capabilities to combat the increasingly prevalent menace of cryptomining attacks.
Google Cloud made this move to extend coverage for specific breaches after a seminal report by Google’s esteemed Cybersecurity Action Team published in September 2022. The findings showed that in 65% of cases involving compromised cloud accounts, cybercriminals were actively engaged in illicit cryptocurrency mining. With this knowledge, Google Cloud recognized the need to proactively safeguard its customers’ assets from this insidious threat.
Safeguarding Customers with Stringent Terms and Conditions
Although Google Cloud’s Cryptomining Protection Program provides critical coverage, customers need to adhere to the prescribed best practices outlined in the program’s terms and conditions. If the premium service fails to detect and notify customers of a cryptomining attack, customers can request credits within 30 days from the initiation of the attack to alleviate the financial burden imposed by unauthorized Compute Engine costs incurred during the attack.
It is worth noting that although Google Cloud’s premium service is responsible for detecting and notifying customers about cryptomining attacks, the response and remediation efforts remain the sole responsibility of the customer. The program description emphasizes this limitation, clarifying that Google’s role is to identify and inform customers promptly about such attacks.
To ensure maximum effectiveness, the Cryptomining Protection Program covers only Compute Engine Virtual Machine types and compute environments supported by the Security Command Center Premium’s Virtual Machine Threat Detection.
Image from Cybersecurity Insiders