Attackers hammered the network with 1 million upload injections in less than 2 hours, but could not force a DoS, and all port probes had no response.
Austin, Texas (PRWEB) July 31, 2012
The combined forces of MerlinCryption’s variable key length ASBE encryption, with STT’s unique ability to preclude malicious exploits against a network, mastered a security tiger team assault and debuts STTealth Shield™ NAC solution.
The penetration test was initiated by James DeArruda, President of Total Transportation Concept, Inc., a global freight forwarder and customs broker. “I formed a diverse attack team, comprising some of the best white hats, in the U.S., Europe, and Asia. Our overall goal was to test both the impenetrability of a protected network and the strength of the encryption algorithm within.”
The attack team began by probing the IP addresses provided with one million upload injections in less than two hours, concluding that no communication port was visible from the Internet and that no response was given to unauthorized queries.
“Once our team exhausted their tools, they recruited several notable peers to test, as well,” says DeArruda, “One undisclosed elite was asked to scan and attack the IP addresses. He responded back that he ‘did not have time for illusionary targets.’”
STT then authorized testers into the network, where they could attempt attack on STTealth-protected computers. Pen testers, also called “white hat attackers” were also provided with encrypted files to attempt decryption.
“After 10 days of ongoing attack, no one had succeeded in penetrating protected machines and no one had broken the encryption,” DeArruda reports, “Our team was highly pleased with the results, as we strive to maintain our market advantage in providing our clients with unassailable protection.”
Unlike most network security solutions, STTealth Shield™ is not a firewall and goes beyond white-listing to mask clients from the Internet and prevent malicious activity directed toward their network. The technique does not respond to port probes, which effectively ignores DoS perpetrator attacks, fake IP attempts, and all unauthenticated and unapproved network messages.
“The MerlinCryption-STT partnership creates a security powerhouse,” says Brandon Brown, COO MerlinCryption. “Together, we close the gaps in traditional network security by encrypting data-in-motion, data-at-rest, and individual computers. The solution protects all zones, unmanaged machines, and remote users.”
On the sub-net, or across the Internet, STTealth Shield encrypts individual computer nodes, utilizing multiple layers of rotating encryption algorithms, and changing keys at less than one-minute intervals.
MerlinCryption’s Anti-Statistical Block Encryption (ASBE) algorithm is not subject to attack models and methods of Cryptanalysis; is not based on mathematical technique; and is not subject to statistical analysis.
Each key scales in size between 2008 bits and 2 GB, as well as passwords that scale up to 64 KB. No two encryptions are alike: Each encryption process always results in a different cyphertext with varying length, even when repeating the same plaintext to encrypt, key, and password.
The patent pending random data generator outputs keys and passwords that are ‘generated-destroyed-recreated’ on demand, making key/password transfer between end points unnecessary.
“As underscored in this pen test, the alliance between MerlinCryption and STT delivers a new evolution of network security,” says Phil Gambell, CMO, STT LLC, “Some of the most vulnerable industries, such as P.O.S., media streaming, SCADA, and payments/payroll can now be secured with STTealth Shield innovation. Industry leaders, as well as other interested parties are welcome to participate in our penetration test lab, as well as request encrypted files to test.”
About STT LLC
A software company in Austin TX, STT LLC develops STTealth Shield™ an unparalleled security technique that secures all computer nodes and data on a network by concealing them from criminal detection and preventing malicious activity, penetration, and access.
STTealth Shield safeguards computers from other computers within a sub-net, as well as masking partners from external Internet port probes. Subscribers effectively Drop off the Radar™, providing no response to unauthenticated network messages inbound, and blocking all unauthorized communication attempts outbound.
STT LLC specializes in encrypted node and data security solutions protecting high-risk industries. http://www.STTealth.com
About MerlinCryption LLC
The Smart-World’s Smart-Encryption™ software company in Austin TX, MerlinCryption LLC develops encryption and authentication solutions that protect against counterfeiting, cloning, software compromise, physical machine compromise, and man-in-the-middle attack, designed specifically for the embedded and M2M (machine-to-machine) market.
The unprecedented security platform protects integrity of data-at-rest, data-in-motion, data-in-use, and data-in-change as it is created, viewed, edited, shared, stored, and moved across communications channels and through the Cloud. The encryption is NSA reviewed, BIS approved for export, and OFAC compliant. The cryptosystem enables compliance including HIPAA, and HITECH.
MerlinCryption is changing the way the world protects data and secures connectivity. http://www.MerlinCryption.com