Google Cloud announced this morning that it added a new layer of threat detection in its Security Command Center, named Virtual Machine Threat Detection. The announcement said that the new security service will scan virtual-machine instances running on Google Cloud to help detect crypto-mining threats without requiring customers to install new software on their instances.
The added security layer comes after a report released by Google in November last year found that “86% of the compromised Google Cloud instances were used to perform cryptocurrency mining, a cloud resource-intensive for-profit activity,” and that attackers took advantage of “poor customer security practices or vulnerable third-party software in nearly 75% of all cases.”
Google also said that in an effort to preserve trust among cloud customers wary about providers monitoring their data, the new security feature will be an opt-in feature, as well as provide encrypted memory when moving from a CPU to RAM.
Crypto-mining attacks, otherwise known as “cryptojacking”, have been increasing over the past years, peaking at a high in April last year, according to Cointelegraph. Reports in 2018 also found that at least 55% of businesses worldwide were affected by the attacks, including Google-owned YouTube, whose ads were used by hackers to use unauthorized computing power.