Halcyon Announces Anti-Ransomware Protection for Enterprise Linux Environments (linux-magazine.com) 14
Formed in 2021 by cybersecurity professionals (and backed by high-powered VCs including Dell Technologies Capital), Halcyon sells an enterprise-grade anti-ransomware platform.
And this month they announced they're offering protection against ransomware attacks targeting Linux systems, according to Linux magazine: According to Cynet, Linux ransomware attacks increased by 75 percent in 2023 and are expected to continue to climb as more bad actors target Linux deployments... "While Windows is the favorite for desktops, Linux dominates the market for supercomputers and servers."
Here's how Halcyon's announcement made their pitch: "When it comes to ransomware protection, organizations typically prioritize securing Windows environments because that's where the ransomware operators were focusing most of their attacks. However, Linux-based systems are at the core of most any organization's infrastructure, and protecting these systems is often an afterthought," said Jon Miller, CEO & Co-founder, Halcyon. "The fact that Linux systems usually are always on and available means they provide the perfect beachhead for establishing persistence and moving laterally in a targeted network, and they can be leveraged for data theft where the exfiltration is easily masked by normal network traffic. As more ransomware operators are developing the capability to target Linux systems alongside Windows, it is imperative that organizations have the ability to keep pace with the expanded threat."
Halcyon Linux, powered through the Halcyon Anti-Ransomware Platform, uniquely secures Linux-based systems offering comprehensive protection and rapid response capabilities... Halcyon Linux monitors and detects ransomware-specific behaviors such as unauthorized access, lateral movement, or modification of critical files in real-time, providing instant alerts with critical context... When ransomware is suspected or detected, the Halcyon Ransomware Response Engine allows for rapid response and action.... Halcyon Data Exfiltration Protection (DXP) identifies and blocks unauthorized data transfers to protect sensitive information, safeguarding the sensitive data stored in Linux-based systems and endpoints...
Halcyon Linux runs with minimal resource impact, ensuring critical environments such as database servers or virtualized workloads, maintain the same performance.
And in addition, Halcyon offers "an around the clock Threat Response team, reviewing and responding to alerts," so your own corporate security teams "can attend to other pressing priorities..."
And this month they announced they're offering protection against ransomware attacks targeting Linux systems, according to Linux magazine: According to Cynet, Linux ransomware attacks increased by 75 percent in 2023 and are expected to continue to climb as more bad actors target Linux deployments... "While Windows is the favorite for desktops, Linux dominates the market for supercomputers and servers."
Here's how Halcyon's announcement made their pitch: "When it comes to ransomware protection, organizations typically prioritize securing Windows environments because that's where the ransomware operators were focusing most of their attacks. However, Linux-based systems are at the core of most any organization's infrastructure, and protecting these systems is often an afterthought," said Jon Miller, CEO & Co-founder, Halcyon. "The fact that Linux systems usually are always on and available means they provide the perfect beachhead for establishing persistence and moving laterally in a targeted network, and they can be leveraged for data theft where the exfiltration is easily masked by normal network traffic. As more ransomware operators are developing the capability to target Linux systems alongside Windows, it is imperative that organizations have the ability to keep pace with the expanded threat."
Halcyon Linux, powered through the Halcyon Anti-Ransomware Platform, uniquely secures Linux-based systems offering comprehensive protection and rapid response capabilities... Halcyon Linux monitors and detects ransomware-specific behaviors such as unauthorized access, lateral movement, or modification of critical files in real-time, providing instant alerts with critical context... When ransomware is suspected or detected, the Halcyon Ransomware Response Engine allows for rapid response and action.... Halcyon Data Exfiltration Protection (DXP) identifies and blocks unauthorized data transfers to protect sensitive information, safeguarding the sensitive data stored in Linux-based systems and endpoints...
Halcyon Linux runs with minimal resource impact, ensuring critical environments such as database servers or virtualized workloads, maintain the same performance.
And in addition, Halcyon offers "an around the clock Threat Response team, reviewing and responding to alerts," so your own corporate security teams "can attend to other pressing priorities..."
Performance hit? (Score:2)
While not the same use case years ago the government site I worked with pushed McAfee for Linux on us and it was a performance killer. It also had "real-time" monitoring. Wonder how this stacks up to that software.
Re:Performance hit? (Score:5, Interesting)
It's probably not the same thing. The only way to offer real, fail-safe "ransomware protection" is to use snapshots and backups that can't be compromised. We have replicated snapshots taken every minute but of course we also try to not get hit in the first place and have measures in place for that too.
Selling a solution where you rely exclusively on not getting hit in the first place wouldn't be really serious IMHO.
Every who has had ransomware on Linux (Score:1, Interesting)
Why not just look to past stories? (Score:5, Informative)
If you're going with the "Linux doesn't get ransomware" line I suggest you read this site called Slashdot. I mean we talk [slashdot.org] about [slashdot.org] linux [slashdot.org] ransomware [slashdot.org] very [slashdot.org] very [slashdot.org] very [slashdot.org] frequently. [slashdot.org]
Re: (Score:2)
> I mean we talk about linux ransomware very very very frequently.
Oh we talk about it a lot, almost like we wish it was a thing. People do *make* linux ransomware, but it doesnt do much. By by and large, there just isnt much of a real market for anti-ransomware for linux.
Its like trying to sell a special helmet that prevents you from getting your head stuck in a bucket.
People do sometimes get their head stuck in a bucket, its just not very common. And there are no shortage of bucket makers. But most peop
Re: (Score:2)
Sure. I mean you could stick your head in the sand or realise that the reason we talk about it is because it exists and is in active exploit. Something you'd know if you ever read ... Slashdot.
"enterprise-grade anti-ransomware" (Score:4, Interesting)
I'll stick to proven free backup software that writes to devices that are stored offline.
Re: (Score:1)
Re: (Score:3)
That "enterprise-grade anti-ransomware" is probably a mediocre $$$$$$ "remote backup" service
Or you could actually read up on what it really is, user activity / network activity monitoring and cut-off tool. Incidentally their service provides zero remote backup and has nothing to do with backup.
Please try and be better. You can learn so much about the world if you choose to read rather than just post made up rubbish from the top of Mt Ignorance.
Net security gain? (Score:1)
Marketing speech overload.... (Score:2)
At least that is what I get from this "description". Not trust-inspiring at all.
Makes me want to go back to Sun Solaris (Score:2)
What does it actually do? (Score:2)
What is up with this corpo techno-babble?? What does this actually do, and how does it protect Linux against ransomware? Unless you got some seriously elevated access on a server, I do not think ransomware will get far.