Sysdig has announced machine learning-powered cloud detection and response (CDR) to combat cryptojacking. The company said its threat engine and detection algorithms block cryptojacking in the cloud with 99% precision.
Cryptojacking is the unauthorized use of someone else’s compute resources to mine cryptocurrency. According to the Google Cloud Threat Horizons Report, 86% of compromised Google Cloud instances were used for cryptocurrency mining. Cryptojackers use low-and-slow attack techniques to mask what they are doing, so those impacted do not realize it until they receive their cloud bill. The longer cryptojacking goes undetected, the greater the financial impact. While the average increase in a monthly bill varies by report, it is not uncommon for cryptojackers to run up a $100,000 – $500,000 bill in a single month. Time is of the essence.
According to the company, Sysdig Secure machine learning is trained to automatically detect cryptominers. Even as new cryptojackers come into play, highly precise and continually evolving algorithms keep the model up-to-date and drastically reduce false positives.
Early detection is the only way to avoid hefty cryptojacking bills and reputation damage due to an attack. Sysdig is able to detect behavior patterns even if the cryptominer slowly ramps up use of cloud resources.
Sysdig threat detection uses machine learning to complement a rules-based approach based on Falco. Easily customizable out-of-the-box policies curated by the Sysdig Threat Research Team maximize coverage. Adding defense techniques such as profiling, comprehensive indicators of compromise (IOCs), and Drift Control further strengthens security.
Sysdig Secure customers have access to the machine learning-powered threat detection now, and for new customers it is included in Sysdig Secure at no additional cost.