The newest releases of Nebulon’s ImmutableBoot and TimeJump backup systems boast 'reboot-to-recover' functionality for Linux systems. Credit: DigitalSoul / Getty Images / Linux Smart infrastructure vendor Nebulon today announced that its latest offerings provide newly hardened backups for configuration and snapshots, in an effort to add a new tool to the antiransomware arsenal for Linux systems.The idea, according to Nebulon, is to protect against the problem of misconfigured servers and dated server configurations in Linux systems. This is a particularly serious problem in IT shops where configuration and patch management aren’t handled in a centrally organized way.Nebulon’s new service works using the same principle as its existing smart infrastructure offerings, which are delivered via PCIe cards—here, the system periodically writes “known-good” configurations of the bootloader to the system, which can’t be touched by ransomware attackers, according to Gartner Research senior director and analyst Tony Harvey. “ImmutableBoot basically means that all you have to do is have the ‘golden image’ of the operating system with all the right configs, that’s been patched and hardened and updated, then you stick a flag on it that says ‘this is now immutable,'” he said. “So anything after that gets written to memory but not to the disk. The ransomware thinks it’s writing to the drive it thinks is the OS, but it’s blocked from doing so.” Protecting boot volumes a key new feature for LinuxThus, companies hit with a ransomware attack can theoretically just reboot their servers to the “immutable” configuration for quick recovery, at least as far as the boot drive is concerned. This isn’t an overall, silver-bullet ransomware protection solution, noted Harvey, but the ability to protect boot volumes effectively is an important new capability.“If you think about it, for a major ransomware event, the basic problem wasn’t restoring from backup, it was rebuilding the system in the first place so that you could restore from the backup,” he said. The same principle applies to the TimeJump feature, which works on the data and operating system layers. That’s less unique, according to Harvey—large storage array vendors tend to offer this capability—but still an important capability for ransomware protection, particularly in concert with ImmutableBoot.“With the data side of the house, they make those snapshots immutable, so you know that your snapshot from a week ago is uninfected,” he said. “You can jump back to the snapshot, and you’ll lose a week’s worth of data, burt at least your system’s working now.” Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe