Arms Cyber, an anti-ransomware solutions provider, announces a new capability of its solution for companies with endpoints running on Linux or Windows. The new functionality combines preemptive deception, movement, and hiding capabilities to help Linux and Windows users detect, block, and remediate encryption and business interruption activities.
“The size and scope of ransomware attacks are increasing every day, and despite existing market solutions that emphasize ‘stopping known malware,’ this approach does not sufficiently protect against the real threat, which is the unknown zero-day attacks,” said Josh McCarthy, Chief Product Officer at Arms Cyber. “We want to shift the market focus back to preemptive approaches in order to mitigate attacks instead of responding after the fact.”
Using preemptive deception to mitigate ransomware attacks
Modern cybercriminals have unlimited time and resources to find one hole in a company’s protection stack. Once they do, they often leverage fileless, in-memory, and living-off-the-land (LOTL) attacks that blend in with a company’s existing activity, making detection incredibly difficult and producing an overwhelming number of false positives.
Arms Cyber takes a unique approach to solving this problem. Upon initial access, attackers using LOTL techniques establish patterns that deviate from normal operating procedures. Arms Cyber’s zero trust policies build off these deviation requirements to reinforce more effective prevention. Intruders also rely on reliable information about their target, and static environments offer an ideal landscape for gathering such data. Integrating Arms Cyber’s Stealth Directories at the endpoint introduces a new file-hiding capability, making it nearly impossible for attackers to gain the actionable intelligence they need about their target.
“Most anti-ransomware solutions fall short because they focus on passive detection and response over proactive protection and prevention—they can’t respond to a breach until after it has occurred,” said McCarthy. “To prevent this, Arms Cyber integrates strategically placed deceptive tripwires with broader encryption monitoring, which, combined with stealth directories, enables a company to detect and stop attackers earlier in the ransomware attack lifecycle. With the addition of stealth directories and Linux support, attackers are not able to steal and exfiltrate what they are unable to locate on an organization's most critical endpoints.”
Arms Cyber is also introducing support for various flavors of the Linux operating system, bringing their anti-ransomware platform to the OS of choice for mission-critical operations.
According to available data, the vast majority of the world’s servers run on Linux, with estimates suggesting that around 96% of the top one million web servers use the technology. Meanwhile, new research has found that 59% of organizations were targeted in ransomware attacks in 2024, putting Linux users at significant risk.
The Linux-centric version of the Arms Cyber product addresses this challenge by providing low-overhead protection for Linux servers and data storage as well as legacy platforms that don’t support advanced malware protection. The Arms Cyber Linux product is available now.
