XSOC Introduces SOCKET Designed to Protect Critical Infrastructure ComponentsMay 16, 2021 No Comments
SOURCE: XSOC Corp
Several recent critical “zero-day” CVEs have been released that pertain to industrial IT/OT technology and critical infrastructure vendors such as Schneider Electric. The Georgia-based Colonial Pipeline ransomware attack, perpetrated by the professional foreign hacking group “DarkSide” may be the unfortunate harbinger for a new wave of attacks targeting public utilities.
The team at XSOC Corp has designed and demonstrated a patented solution called SOCKET for easy and immediate deployment into IT/OT and SCADA environments, specifically designed to protect critical infrastructure components.
XSOC Corp’s SOCKET for IT/OT & SCADA does not require SSL certificates and is designed to run effectively in secure, air-gapped, closed-circuit, and mixed legacy network environments. SOCKET utilizes continuously rotating symmetric-key cryptography for an always unique encryption signal over highly secured network.
Global-Level Innovations in Cybersecurity
XSOC CORP’s core of senior software and hardware engineers mesh decades of algorithmic programming experience with high-performance encryption techniques. Matching global-level innovations in cybersecurity with the business and marketing acumen of a highly seasoned executive management team have accelerated XSOC CORP’s rapid launch into the market.
XSOC CORP expands upon the notion that strong encryption, combined with better tools, is the only real way to ensure protection of data and systems from external threats – no matter how sophisticated. XSOC CORP’s new technology addresses gaps in traditional cybersecurity systems by offering advanced encryption products, utilities, and pluggable components that are uniquely designed for the expanding Internet of Things (IoT) and Industrial Internet of Things (IIoT) markets.
“We have offered our core, flagship, and patent-pending cryptosystem technology directly onto a publicly available GitHub account for free use and evaluation by the broader academic community,” said Richard Blech, CEO, XSOC. “XSOC CORP is confident that the applied use of this extreme-performance symmetric encryption technology, also named ‘XSOC’, will help to protect many from the continuously evolving threats that people face every day. Our cryptosystem is more than just a standalone cipher or an algorithm. It is a suite of tools and APIs designed to make cryptography useful and easily integrated into real-world applications”.
Providing Stable and Secure Mechanisms for Permanent Network Environments
XSOC CORP is working with both the academic and professional community to help address some of the issues with outdated Public Key Infrastructure (PKI). SSL/TLS are generally the most used form of PKI, but offer only a “static” certificate-based solution that, in many cases, updates cryptographic key material certificates once per year. The certificate concept hasn’t changed or improved much in the last 20 years, rather it has simply become more expensive while remaining challenging to deploy and manage. Enter SOCKET, a unique new technology designed to enable continuous cryptographic key rotation (updates), with or without the support of SSL/TLS certificates.
SOCKET is a cryptographic key-exchange mechanism designed for near-field / radio frequency (RF) and wireless transmissions that support hardened encryption security closed-circuit, limited-distance, or intermittent ad-hoc network environments. Examples include securing drone-to-drone communications, tactical encrypted walkie-talkies, and other similar (battlefield) type environments that require rapid setup and tear-down.
SOCKET also provides an equally stable and secure mechanism of key infrastructure for more permanent network environments. For example, SOCKET can be used as a stand-alone (out-of-band) method of symmetric key transfer for legacy devices in an industrial (IT/OT) or commercial wireless security environment, or modern streaming video cameras in a warehouse or embassy. SOCKET is an ideal companion to the XSOC Cryptosystem which provides a secure solution for symmetric key exchange, enabling security in environments where TLS (SSL Certificates) are undesirable or infeasible. For the technically inclined, SOCKET may be thought of as an “N-Tier” version of Kerberos / X.509 technology; a 20-years advanced version of symmetric key transfer that does not have a single point of failure.
While XSOC CORP’s SOCKET technology focuses on the concept of secure key exchanges in private network environments, it has also opened the technology fully to internet by way of WAN-SOCKET. The Wide Area Network (WAN) version of SOCKET uses advanced Distributed Hash Table (DHT) and Peer to Peer (P2P) technology to securely deliver symmetric encryption keys anywhere and with minimal lag or latency.
The efficiency of SOCKET (and WAN-SOCKET) stems from the final pillar of XSOC CORP’s core underlying technology suite, known as Encrypted Broadcast Protocol or “EBP”. EBP is a native security protocol for network-efficient encrypted signal communications running at 512bit, or greater, encryption strength. XSOC CORP has innovated on top of the already efficient UDP protocol, making it 100 percent reliable, while also delivering data that is fully encrypted. In a direct head-to-head challenge against the TCP/IP protocol, XSOC CORP has demonstrated transmission of large amounts of data over EBP can be done more than twice as fast as the leading FTP client/server, while still being protected by 512bit encryption.