Thai company incurs Google Cloud bill of 21 million Baht due to unauthorized access
In an unprecedented situation, a Thai Facebook user named Phattharachai Mith Vongkoon is grappling with the aftermath of an unauthorised hack on his company's Google Cloud billing account. The hack, suspected to have been used for Bitcoin mining, has resulted in a bill of 21 million baht.
Phattharachai reported the incident to the police and sought assistance from Google Cloud Support and Google Billing. The charges linked to his company appeared on its monthly expense report, causing significant financial strain.
Google confirmed an unauthorised intrusion and acknowledged that the billing activity was the result of a hack. However, after an investigation, Google responded that it could not approve the billing adjustment.
In response to public outcry, suggestions from netizens include blocking the payment card and continuing to work with Google. Phattharachai has filed a request for Google to adjust the charges to reflect the actual usage.
To manage and mitigate such unauthorised usage issues, a structured approach is recommended. First, it's crucial to identify any suspicious activity by monitoring cloud activity and reviewing security logs. Next, contact Google Cloud support and request a detailed breakdown of the billing charges.
Once the affected resources have been isolated, enhance security by enabling features like VPC Service Controls and implementing a Zero-Trust Architecture. Pause or terminate non-essential services and adjust billing quotas to prevent additional unauthorised usage.
Engage with Google’s Security and Billing Teams for a billing review and assistance in securing future usage. Document all interactions with Google Cloud support, and use this experience to review and update your organisation's security policies and procedures.
Additional measures include implementing cost monitoring tools and regularly reviewing and updating security configurations. With patience and a meticulous approach, it is still possible to rectify the situation.
Netizens have shown sympathy and offered advice to Mr. Phattharachai, with many believing that a resolution can be reached. The police investigation is ongoing, and Phattharachai remains deeply concerned and uncertain about how to proceed.
Following the unauthorized hack, Phattharachai has heightened his focus on cybersecurity, recognizing the importance of technology to protect his company from such incidents in the future. He is actively implementing security measures such as monitoring cloud activity, enabling VPC Service Controls, and adjusting billing quotas to strengthen his company's defense against unauthorized usage.
