Google Cloud Rolls Out Tool To Detect Cryptomining Threats On Virtual Machines
Google Cloud has rolled out the newest layer of threat detection in Security Command Center (SCC), called Virtual Machine Threat Detection (VMTD). This will help ensure strong protection as more and more organizations move to adopt cloud technologies. The tool is expected to be released over the next few months.
VMTD is the first-to-market detection capability from a major cloud provider that provides agentless memory scanning to help detect threats like cryptomining malware inside the customers’ virtual machines running in Google Cloud.
According to the latest Google Cybersecurity Action Team Threat Horizons Report, 86 percent of compromised cloud instances were used to perform cryptocurrency mining.
The cryptomining malware is used for the growing cybercrime known as cryptojacking or auto-crypto mining, which is the unauthorized use of victims’ computing power by cybercriminals to mine cryptocurrencies such as Bitcoin and Ethereum.
In cryptojacking, the victims unwittingly install a program with malicious scripts or malware that allow the cybercriminals to access their computer or other Internet-connected devices.
After gaining control of the victim’s computer, the cybercriminals use its processing power to solve complex algorithms for their own financial benefit, a process known as cryptocurrency mining.
Traditionally, software agents are deployed inside a customer’s virtual machine to provide endpoint security by gathering signals and telemetry to inform runtime threat detection. However, running additional software reduces the performance of virtual machines in the cloud.
VMTD is fully integrated and available through Security Command Center Premium. VMTD complements the existing threat detection capabilities enabled by the Event Threat Detection and Container Threat Detection built-in services in SCC Premium. These three layers of advanced defense are expected to provide holistic protection for workloads running in Google Cloud.