The newest releases of Nebulon’s ImmutableBoot and TimeJump backup systems boast 'reboot-to-recover' functionality for Linux systems. Credit: DigitalSoul / Getty Images / Linux Smart infrastructure vendor Nebulon today announced that its latest offerings provide newly hardened backups for configuration and snapshots, in an effort to add a new tool to the antiransomware arsenal for Linux systems.The idea, according to Nebulon, is to protect against the problem of misconfigured servers and dated server configurations in Linux systems. This is a particularly serious problem in IT shops where configuration and patch management aren’t handled in a centrally organized way.Nebulon’s new service works using the same principle as its existing smart infrastructure offerings, which are delivered via PCIe cards—here, the system periodically writes “known-good” configurations of the bootloader to the system, which can’t be touched by ransomware attackers, according to Gartner Research senior director and analyst Tony Harvey. “ImmutableBoot basically means that all you have to do is have the ‘golden image’ of the operating system with all the right configs, that’s been patched and hardened and updated, then you stick a flag on it that says ‘this is now immutable,'” he said. “So anything after that gets written to memory but not to the disk. The ransomware thinks it’s writing to the drive it thinks is the OS, but it’s blocked from doing so.” Protecting boot volumes a key new feature for LinuxThus, companies hit with a ransomware attack can theoretically just reboot their servers to the “immutable” configuration for quick recovery, at least as far as the boot drive is concerned. This isn’t an overall, silver-bullet ransomware protection solution, noted Harvey, but the ability to protect boot volumes effectively is an important new capability.“If you think about it, for a major ransomware event, the basic problem wasn’t restoring from backup, it was rebuilding the system in the first place so that you could restore from the backup,” he said. The same principle applies to the TimeJump feature, which works on the data and operating system layers. That’s less unique, according to Harvey—large storage array vendors tend to offer this capability—but still an important capability for ransomware protection, particularly in concert with ImmutableBoot.“With the data side of the house, they make those snapshots immutable, so you know that your snapshot from a week ago is uninfected,” he said. “You can jump back to the snapshot, and you’ll lose a week’s worth of data, burt at least your system’s working now.” Related content news analysis Thousands of servers hacked due to insecurely deployed Ray AI framework Ray deployments are not intended to connect to the internet, but AI developers are doing so anyway and leaving their servers vulnerable. By Lucian Constantin Mar 28, 2024 4 mins Vulnerabilities news Cisco: Security teams are ‘overconfident’ about handling next-gen threats Tooling complexity and generative AI may harm many companies’ security posture. By Jon Gold Mar 28, 2024 3 mins Security brandpost Sponsored by Microsoft Security Iran’s evolving influence operations and cyberattacks support Hamas Understanding how Iranian and Iran-affiliated threats traverse 3 distinct phases may help identify vulnerabilities and attack vectors. By Microsoft Security Mar 28, 2024 5 mins Security news Report suggests cybersecurity investment, board involvement linked to better shareholder returns The study by Diligent and Bitsight points to advanced security and strong risk or audit committees as good predictors of an enterprise’s financial success. By sascha _brodsky Mar 28, 2024 4 mins CSO and CISO Business Business IT Alignment PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe