HyperBunker, the cybersecurity startup promising to make ransomware attacks survivable, has secured €800,000 in seed funding to expand production and push into EMEA and the United States.

The round was led by Fil Rouge Capital and Sunfish Partners, investors interested in the company’s focus on resilience and its hardware-based approach to protecting critical data. HyperBunker will use the funds to scale up its production pipeline, which it said is currently capacity-constrained due to demand, and to accelerate deliveries to customers.

“At Sunfish Partners, we back visionary founders from Europe who are building technologies that strengthen Europe’s security, defence, and resilience,” said Max Moldenhauer, partner at Sunfish. “HyperBunker’s bold mission to neutralise ransomware addresses one of the most urgent global threats to national security and critical infrastructure.”

Dr. Ales Pustovrh from Fil Rouge Capital added that HyperBunker’s early traction had been hard to ignore.

“With a real answer for ransomware … and a production capacity-constrained pipeline, we had to participate in funding the team,” he said. “Market response to their unique solution has been extremely positive.”

Founded by a group of engineers that have been working in data recovery for two decades, HyperBunker has designed what the company describes as a “physical bunker” for data, an air-gapped vault that isolates and preserves mission-critical information from ransomware, insider threats, and network compromise.

With the flagship design based on learnings from over 50,000 ransomware-related recovery projects, the “data bunker” is not cloud-based, nor is it a conventional software-defined backup (approaches that companies like Rubrik take). Instead, it’s a hardened storage unit built to maintain operational continuity even when a network is taken offline by malware. And it remains unreachable from the network even during backup or restore operations.

The design uses optocoupler-based one-way data transfer, ensuring that information can only move into the secure environment and never back out. The company claims the result is a storage architecture that is physically incapable of being encrypted, deleted, or remotely accessed once data has been written.

According to co-founder and CTO Nino Eskič, the product was born directly from frontline experience helping victims of ransomware.

“We started working on the HyperBunker solution two years ago, based on our experience helping customers after ransomware had already encrypted their data,” he said. “Now, at last, we have a safe answer to how to protect critical data before it’s too late — put it in the bunker.”

Each HyperBunker device maintains four immutable versions of an organisation’s most critical data, giving operators a verified recovery path even if other backups are destroyed. Eskič said the system is designed for environments where continuity is essential.

The company is also developing a military-grade variant of its technology, ruggedised for field use and built to defence standards for environmental tolerance and durability, in response to growing interest from defence ministries and aerospace suppliers.

“In the military environment, if you lose data, it’s not about money – it can cost human lives,” Eskič told Resilience Media.

The firm says its approach deliberately diverges from the dominant trend toward cloud backup and software-as-a-service resilience platforms. Attackers routinely target connected storage first, encrypting or wiping replicas before striking production systems. By contrast, HyperBunker’s architecture assumes compromise and isolates the final copy of data behind a physical barrier that malware cannot cross.

“Connected backups are the first targets in modern ransomware attacks,” Eskič said. “We’ve seen countless cases where both the live systems and their backups were encrypted or deleted within minutes.”

Ransomware has become the most destructive cyber threat facing both civilian and military infrastructure.

In the UK alone, an estimated 19,000 successful ransomware attacks occurred in the past 12 months, double the figure from 2024, prompting government efforts to restrict ransom payments by public bodies. Across NATO member states, critical infrastructure operators are increasingly being drawn into hybrid campaigns where data destruction and extortion accompany espionage.

Against that backdrop, HyperBunker positions itself as the “last line of defence”: a survivability layer that guarantees access to critical data even when networks, systems, or supply chains are compromised. HyperBunker’s founders say their mission is straightforward: to make sure the data survives even when everything else fails.