Halcyon Lands Large Investment to Defend Against Ransomware: Jon Miller and Ryan Smith questioned why, despite the widespread use of security technologies, ransomware was still expanding rapidly in the wake of the Colonial Pipeline event in 2021.
It is a strange dichotomy. In a recent study, 78% of the businesses that responded claimed they would boost their cybersecurity spending in the following year. However, it is also predicted that in 2023, ransomware-related losses would be greater than $30 billion globally. Miller and Smith, veterans of businesses eventually bought by Blackberry and Optiv, as well as cyber defense contractor Boldend, formed the cybersecurity firm Halcyon out of frustration with the current quo. They assert that it can assist businesses reduce their total recovery times while preventing ransomware from inflicting damage.
The message seems to be hitting home with VCs.
Halcyon said today that has secured a $44 million Series A fundraising round (plus $6 million in debt) from investors Dell Technologies Capital, SYN Ventures, and Corner Ventures. Miller stated that the additional funds and loan will be used to boost the company’s engineering and R&D divisions as well as its continuous sales and marketing efforts. According to CEO Miller, “We view our product as unique in that we have no direct competitors, and in fact want to improve other security tools used by our customers.” “First, we make the supposition that all security measures, including our own, will eventually fail. We have concentrated on developing products with robustness in mind because of this.
Miller may claim that Halcyon doesn’t have any direct rivals. However, there are a ton of vendors in the cybersecurity market, which has constantly seen financing decline and dealmaking approach a two-year low in the most recent fiscal quarter, according to Crunchbase. Threatening to get much hotter is the financial crisis. But Miller painstakingly outlines what he believes to be Halcyon’s competitive advantages.
In order to identify “malicious intent,” the platform uses AI that has been trained on a data collection comprising millions of actual ransomware instances. According to Miller, this is in contrast to the static, rules-based detection systems employed by several cybersecurity companies.
Security Organizations Would Absorb Millions of Samples
Security organizations would absorb millions of samples, indications, and artefacts from many sources to construct detection engine models, he continued. In order to avoid contaminating our models with information unrelated to ransomware operations or flawed samples like those frequently taken from open malware sources, we started much more carefully.
Halcyon makes an effort to identify and stop known harmful executables, such as commercially available ransomware, and to forward new but suspect executables to other “protection layers” for extra investigation. The platform also makes an effort to “trick” ransomware into stopping or disclosing an attack by taking use of characteristics that are hardcoded in the ransomware malware itself and activating code using deception methods.
A “resiliency layer” that enters play if the platform’s detection and prevent layers fail is Halcyon’s other distinctive feature. According to Miller, the resilience layer collects the encryption keys produced during the assault, giving IT and security personnel a method to automatically decrypt the afflicted endpoints and neutralizing the attack. Typically, during a ransomware assault, attackers encrypt a number of network endpoints, such as laptops, and demand money in order to unlock them. It seems like Halcyon’s strategy is a good method to deal with this. Of course, this assumes that it functions as effectively as Miller claims.
Investors have Shown a Lot of Interest in Halcyon
In any event, investors have shown a lot of interest in Halcyon, which has raised $50 million in total since 2020, including Series A. Halcyon was a corporate credit card and loan client with the bank when Silicon Valley Bank went down, according to Miller, but Halcyon has since “diversified its banking relationships” to better manage risk. Halcyon expects to increase the size of its workforce from 75 individuals to over 100 by the end of the year, serving a customer base of about 51 businesses. Regarding the software, Miller claims that Halcyon would include a data exfiltration tool to halt the “double extortion” strategies now employed by ransomware groups as well as support for various operating systems including Linux and Mac.
Hackers that threaten to encrypt important material and post it on the dark web or sell it to the highest bidder typically engage in double extortion attempts. Gaining access to systems and credentials is now simpler and less expensive than ever thanks to the expansion of ransomware operations and the economy that supports them, according to Miller. “Products that don’t begin with an approach that prioritizes resilience will generate more business risks and higher cyber insurance premiums, which have an impact across all aspects of organization,” the study found.
When questioned about the reason why the firm borrowed financing, Miller refused to disclose Halcyon’s income, simply stating that it was for “flexibility” in the short term. However, if polls are to be believed, demand for Halcyon’s product won’t be declining anytime soon, which may be excellent news for the company’s financial position.