Highlights:
- Salvador’s platform provides a crucial capability, ensuring continuous operations for their customers’ operational technology and industrial control systems.
- The Cyber Recovery Unit (CRU) generates a comprehensive duplicate of the industry control system, encompassing the operating system, data files, drivers, and unique user configurations.
Recently, Salvador Technologies Ltd., a startup specializing in cyberattack recovery, announced the successful securing of USD 6 million in funding. This financial support aims to advance the company’s mission of safeguarding industrial organizations and their most critical information technology infrastructure.
Pico Venture Partners spearheaded the latest funding round, with participation from ongoing investors Pitango VC and Sarona Partners.
The startup asserts that it has developed a cyberattack recovery platform leveraging patented security failover technology. This innovative approach eliminates downtime when customers fall victim to ransomware attacks. These attacks involve malware that encrypts data, demanding a “fee” for restoring the information. Salvador’s platform provides a crucial capability, ensuring continuous operations for their customers’ operational technology and industrial control systems.
This capability is paramount, considering the average downtime following a cyberattack spans three weeks, leading to direct and indirect damages. Customers can circumvent their standard recovery protocols by leveraging Salvador’s failover technology. According to the startup, this approach enables critical infrastructure operators and industrial organizations to restore their systems, servers, and workstations from any issues in just 30 seconds.
Established in 2020, the startup was founded by childhood friends Alex Yevtushenko and Oleg Vusiker, who currently hold the positions of Chief Executive Officer and Chief Technology Officer, respectively.
Yevtushenko highlighted that the frequency of cyberattacks on critical infrastructure systems is rising, with cybercriminals increasingly incorporating artificial intelligence systems to assist in circumventing the security measures implemented by organizations. Because of such scenarios, “the need for an effective recovery solution is critical,” he stated.
While disaster recovery systems are prevalent in the cybersecurity industry, Salvador contends that existing solutions are primarily designed for recovering data damaged by fire or water or lost due to theft rather than effectively addressing the specific challenges posed by ransomware attacks. Moreover, many existing disaster recovery systems face vulnerabilities, which can be targeted by malware replicating itself into data backups. This strategy aims to prevent victims from quickly restoring to an earlier point.
Salvador addresses this threat by implementing a mitigation strategy, ensuring its backups are stored on a dedicated Cyber Recovery Unit (CRU). This unit functions as an air-gapped server provided to customers. The CRU generates a comprehensive duplicate of the industry control system, encompassing the operating system, data files, drivers, and unique user configurations. During each backup operation, Salvador utilizes monitoring technologies to ensure that the data remains uncompromised by malware. Salvador provides an alternative hardware solution, a Network Recovery Station, to protect critical assets stored in private cloud networks. This station can back up significantly larger volumes of data.
The company asserts its ability to safeguard against the most advanced persistent threats, commonly called APT attacks. Typically orchestrated by state-sponsored actors, these attacks are meticulously planned to circumvent even the most advanced security measures and operate discreetly under the radar. In these scenarios, attackers employ various techniques to gain initial access and establish a persistent presence within the system. Their ultimate objective is to identify and steal strategic or sensitive data.
Salvador uses counteractive measures to mitigate these threats by creating three copies of customer data. Significantly, one of these copies remains inaccessible until the recovery process to prevent APT infection. The remaining two copies are safeguarded through Salvador’s patented offline protection algorithms. Access to the data in these two copies is time-limited and exclusively permitted using Salvador’s dedicated software, with the disks remaining undetectable by the underlying operating system.
Salvador attributes its platform’s reliability to its rapid customer base expansion. This clientele comprises numerous multinational manufacturing corporations in the chemical, food, automotive, and aerospace sectors, along with critical infrastructure providers encompassing water and energy providers, healthcare centers, and national maritime ports.
Tal Yatsiv, General Partner at Pico Ventures, emphasized that the startup addresses a significant problem in an underserved operational technology market. “The company’s innovative solution acts as an insurance policy for organizations, eliminating risk by ensuring an immediate full recovery following an attack or a system malfunction,” he said.