ST Engineering delivers cyber resilience to OT, IoT, IT environments with its NetCrypt Mini, other products

ST Engineering’s cyber business has enhanced its product lineup to include its NetCrypt Mini dongle and CORVA platform, which will help bring cyber resilience to government organizations and enterprises. This will help to mitigate cyberattacks in OT (operational technology), IoT, and IT environments since these products aim to provide customers with the latest critical technologies amidst evolving cyber threats and growing regulatory compliance rules.

The Singapore-based company released on Wednesday its NetCrypt Mini dongle and a next-generation Data Diode that intend to help governments and enterprises strengthen cross-domain security and defend critical systems data against cyber threats at boundaries of sensitive or classified networks. It also unveiled its Continuous Risk & Vulnerability Assessment (CORVA) platform that assists organizations to take a proactive stance towards maintaining cyber resilience across environments, including cloud and OT infrastructures. 

ST Engineering has designed these products and solutions to fit seamlessly into any operating architecture, making them ideal encryption and cross-domain solutions for organizations with critical infrastructures seeking to protect critical data flows and prevent sensitive data leakage.  

The USB-powered NetCrypt Mini delivers highly secure network access to corporate resources anytime and anywhere, even on public Ethernet/IP networks or Wi-Fi networks that require registration, according to ST Engineering. Weighing around 34 grams and about the size of a thumb drive, NetCrypt Mini is a small, portable IP encryptor dongle available. With anti-tampering and security features such as multi-factor authentication, NetCrypt Mini offers full data protection with cryptographic smartcard options and customizable algorithms.

ST Engineering’s Data Diode is a unidirectional communication and data transfer gateway that provides the secure transfer of critical data across physically separated networks. The design architecture protects governments, enterprises, industrial control system (ICS) operators, critical services providers, supply chains, and mission-critical networks from cyber reconnaissance and data leakage. It also prevents unauthorized content delivery through whitelisting of network traffic and disrupts all C2 communication by enforcing one-way information assurance, the company added. 

Command and Control (C2) communications involve those tools and techniques that are normally used by attackers to maintain communication with compromised devices following initial exploitation. Subsequently, they issue commands and controls to the compromised systems such as remote control or data mining. Setting up a command and control link is often the primary objective of malware.

ST Engineering said that the Data Diode gateway allows for additional stackable hardware and software to incorporate technologies that support IT and SCADA/ICS networking protocols for system integration and interoperability and operates without external proxies or virtual machines installed on external hardware, lowering the total cost of ownership (TCO) and making it easy to deploy and maintain. 

Its CORVA platform is a cloud-based software-as-a-service (SaaS) platform that protects vital digital assets by simulating realistic attack vectors used by malicious actors, identifying vulnerabilities in the computing and network environment, and providing prioritized remediation guidance, according to ST Engineering. 

Designed to be an automated and continuous approach for cyber-breach simulations and 24/7 cybersecurity posture visibility, CORVA provides threat simulations that come powered by artificial intelligence (AI) and security analytics and offer integration with existing intelligence-driven security operations center architecture, the company said. The platform ​​also offers cyber resilience through continuous risk and vulnerability assessments.

“Innovation is key to combat ever-evolving cybersecurity challenges and help governments and enterprises secure what matters across their IoT, IT and OT environments,” Goh Eng Choon, president for cyber at ST Engineering, said in a media statement. “NetCrypt Mini, the world’s smallest IP encryptor or hardware VPN in the market, and our new generation Data Diode complement our suite of cybersecurity products and help mitigate cyberattacks at network access and data transfer levels where anti-tampering or side-channel attacks could occur.”

”To maintain cyber resilience across various environments and effectively address cyber risk, organisations need proactive and continuous assessment of their cybersecurity posture so we created CORVA, a new native cloud-based software-as-a-service that offers 24/7 visibility, runs simulated breaches and attack sequences, identifies attack vectors and vulnerabilities, and provides remediation guidance,” Goh added.

Data released by FortiGuard Labs in its report, titled, “Global Threat Landscape Report A Semiannual Report by FortiGuard Labs,” revealed that ransomware has remained as ominous a threat for organizations worldwide during the first two quarters of this year, as it has for the past several quarters. 

“Though we did not observe as dramatic a surge in attacks as the 2H2020, ransomware levels remained high and increased steadily over the course of the year,” according to the report. “Average weekly ransomware activity across our sensors in June 2021 was, in fact, 10.7x higher than levels set one year ago. Furthermore—and contrary to the general perception—ransomware presents a threat to a much broader range of industries than just healthcare, government, and the education sectors,” it added.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.