Google Compute Engine network created
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
Goal
Detect when a Google Compute Engine network is created.
Strategy
This rule lets you monitor Google Compute Engine activity audit logs to determine when the following method is invoked to create a new Compute Engine network:
beta.compute.networks.insert
v*.compute.networks.insert
An attacker could create a compute network with the intention of enabling cryptomining and bypassing networking limitations.
Triage and response
Review the Compute Engine network.
Changelog
- 17 August 2023 - Updated query to replace attribute
@threat_intel.results.subcategory:tor
with @threat_intel.results.category:tor
. - 30 September 2024 - Updated query to replace attribute
@threat_intel.results.subcategory:anonymizer
.