Google is so confident it can quickly detect and stop such attacks with its new offering it is backing up the claim by offering to have its Cryptomining Protection Program cover up to $1 million associated with unauthorized Google Cloud compute expenses for Security Command Center Premium customers.
Customers must follow best practices laid out in the program’s terms and conditions, but if the premium service fails to detect and notify customers of a cryptoming attack, the customer can request credits within 30 days of when the attack began to cover the unauthorized Compute Engine costs, according to the description of the program.
“Google will work with the customer to determine the Compute Engine costs incurred as a result of the cryptomining attack. The maximum amount of credits issued under this program to any customer will not exceed $1 million USD in any 12-month period.”
Response and remediation of an attack are still the responsibility of the customer, and Google’s responsibility is limited to detecting and notifying the customer of cryptomining attacks, the description clarified.
The program only covers Compute Engine Virtual Machine types and compute environments supported by the SCC Premium’s Virtual Machine Threat Detection, and excludes all other Google Cloud services.
A single cryptocurrency mining attack can result in unauthorized compute costs of hundreds of thousands of dollars in just days, Google Cloud’s Greg Smith and Tim Peacock, product marketing and senior product manager, respectively, wrote in the program’s announcement.
A September 2022 report by the Google Cybersecurity Action Team disclosed that 65% of compromised cloud accounts experienced cryptocurrency mining.