What Is An Air gap?

An air gap is a safety mechanism in which computers, electronic systems, or networks are not connected to any other devices or networks. It is used in situations where airtight security is required without the risk of compromise or disaster. It ensures complete isolation of a given system (electromagnetically, electronically, and, most importantly, physically) from other networks, particularly insecure networks. In other words, data can only be transferred by connecting a physical device to it, such as a flash drive, external hard disc, or DVD.

The term “air gap” is simply a metaphor for the conceptual gap created by the physical separation of computers. Air-gapped networks and computers are used when maximum security is required for a system or the data stored in it. Air gaps shield systems from malware, keyloggers, ransomware, and other unauthorized access. A few examples are:

  • Life-critical power plant controls.
  • Military and aviation computers.
  • Government networks.
  • Financial computer systems.
  • Computerized medical equipment.

What is an air-gapped computer?

A computer system that is air-gapped has no physical (or wireless) linkage to unprotected computers and applications.

Assume you want to work on sensitive financial and business documents without worrying about ransomware, keyloggers, and other malware. You decide to install an offline computer in your office without connecting it to the internet or any network.

Congratulations: even if you’ve never heard of the term “air-gapping a computer,” you’ve just re-invented it.

So what does air-gapped mean? The word “air-gapped” refers to the concept of an air gap between the computer and other networks. It is not linked to them and cannot be attacked via the network. To compromise the computer, an attacker would have to “cross the air gap” and physically sit in front of it, as there is no way to access it electronically over a network.

Why Do People Use Air Gap Computers?

A network connection is not required for every computer or computing task.

Consider critical infrastructure such as power plants. They require computers to run their industrial systems. However, those computers do not need to be connected to the internet or a network, so they are “air-gapped” for security. This prevents all network-based threats, with the only drawback being that their operators must be physically present to control them.

You could also air gap computers at home. For example, assume you have some old software (or a game) that works best on Windows XP. If you still want to use that old software, the most secure method is to “air gap” your Windows XP system. Windows XP is susceptible to a variety of attacks, but you’re not at risk if you keep your Windows XP system off networks and use it exclusively offline.

You could also use a computer that isn’t connected to the internet if you’re working on sensitive business and financial data. As long as you keep the device offline, you’ll have maximum security and privacy for your work.

How Stuxnet Infiltrated Computers Through Air Gaps

Computers that are air-gapped are not immune to threats. People frequently use USB drives and other removable storage devices, for example, to transfer files between air-gapped computers and networked computers. For instance, you could download an application from a networked computer, transfer it to a USB drive, and install it on the air-gapped computer.

This opens up a new attack vector, and it’s not a theoretical one. This is how the sophisticated Stuxnet worm operated. It was designed to spread by infecting removable drives such as USB drives, allowing it to cross an “air gap” when people plugged those USB drives into air-gapped computers. Other exploits were then used to spread through air-gapped networks, since some air-gapped computers within organisations are connected to each other but not to larger networks. It was created to target specific industrial software applications.

The Stuxnet worm is widely believed to have been created by the United States and Israel and to have caused significant damage to Iran’s nuclear programme, though the countries involved have not publicly confirmed this. What we do know for sure is that Stuxnet was sophisticated malware designed to attack air-gapped systems.

How to Air Gap a Computer

As we’ve seen, air gapping a computer is as simple as disconnecting it from the network:

  1. Connect it to neither the internet nor a local network.
  2. Disconnect any physical Ethernet cables and turn off the Wi-Fi and Bluetooth hardware on the computer.
  3. Consider reinstalling the computer’s operating system from trusted installation media and then using it entirely offline for maximum security.

Even if you need to transfer files, don’t reconnect the computer to the network. If you need to download apps, use a separate computer that is connected to the internet, transfer the software to a storage device such as a USB drive, and use that storage device to move the files back and forth. This ensures that an attacker cannot compromise your air-gapped system over the network. It also ensures that any malware on your air-gapped computer, such as a keylogger, cannot communicate any data over the network.

Disable any wireless networking hardware on the air-gapped PC for added security. For instance, open it and remove the Wi-Fi hardware if you have a desktop computer with a Wi-Fi card. If you can’t do that, you can disable the Wi-Fi hardware in the system’s BIOS or UEFI firmware.

If a computer has functional wireless networking hardware, malware on your air-gapped PC might re-enable the Wi-Fi device and connect to a Wi-Fi network. So, for a nuclear power plant, you really want a computer system that does not include any wireless networking hardware. At home, simply turning off the Wi-Fi hardware may suffice.
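
The steps and the wireless-hardware advice above can be checked on a Linux machine by reading sysfs. The script below is an added example, not part of the original article; it assumes a Linux host, and the function names and the constructed sample tree are illustrative.

```shell
#!/bin/sh
# Added example: audit a Linux host against the air-gap steps above by
# reading sysfs. Prints one finding per line; exit status 0 means none.
# The function body runs in a subshell so its variables stay local.
audit_airgap() (
    root="${1:-/sys}"      # sysfs mount point; overridable for testing
    findings=0
    for dev in "$root"/class/net/*; do
        [ -e "$dev" ] || continue
        name=$(basename "$dev")
        [ "$name" = "lo" ] && continue   # loopback never leaves the host
        # Wireless hardware counts even when it is switched off, because
        # software on the host could switch it back on.
        if [ -e "$dev/wireless" ] || [ -e "$dev/phy80211" ]; then
            echo "WIRELESS-HARDWARE $name"
            findings=$((findings + 1))
        fi
        state=$(cat "$dev/operstate" 2>/dev/null || echo unknown)
        if [ "$state" = "up" ]; then
            echo "LINK-UP $name"
            findings=$((findings + 1))
        fi
    done
    for dev in "$root"/class/bluetooth/hci*; do
        [ -e "$dev" ] || continue
        echo "BLUETOOTH-HARDWARE $(basename "$dev")"
        findings=$((findings + 1))
    done
    [ "$findings" -eq 0 ]
)

# Constructed sample tree (not a real host): loopback, a wired NIC with
# link, a Wi-Fi card that is down, and one Bluetooth adapter.
make_sample_sysfs() {
    d=$(mktemp -d)
    mkdir -p "$d/class/net/lo" "$d/class/net/eth0" \
             "$d/class/net/wlan0/wireless" "$d/class/bluetooth/hci0"
    echo unknown > "$d/class/net/lo/operstate"
    echo up      > "$d/class/net/eth0/operstate"
    echo down    > "$d/class/net/wlan0/operstate"
    echo "$d"
}

sample=$(make_sample_sysfs)
audit_airgap "$sample" || echo "host is not air-gapped"
rm -rf "$sample"
```

On a real machine, call `audit_airgap` with no argument to read `/sys`; a Wi-Fi card that has been physically removed or disabled in firmware no longer appears there, so it produces no finding.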

Be cautious of the software you download and install on the air-gapped system. For example, if you’re constantly transferring data via a USB drive between an air-gapped system and a non-air-gapped system that are both infected with the same malware, the malware could extract data from your air-gapped system through the USB drive.

Finally, make certain that the air-gapped computer is physically secure as well; physical security is all you need to be concerned about. For example, if you have an air-gapped critical system with sensitive business data in an office, it should be in a secure area, such as a locked room, rather than in the centre of the office, where people are constantly walking back and forth. If you have an air-gapped laptop with sensitive data, keep it safe so it doesn’t get stolen or otherwise compromised.

(However, full-disk encryption can help protect your files on a stolen computer.)

In most cases, air-gapping a computer system is not a viable option. After all, computers are usually so helpful because they are networked.

However, air-gapping is an essential technique that, when done correctly, ensures 100% protection from network threats—just make sure no one else has physical access to the system and don’t bring malware over on USB drives. It’s also free, as there’s no need to pay for expensive security software or go through a complicated setup process. In certain situations, it is the best way to secure certain types of computing systems.

What is an air-gapped network?

An air-gapped network has been physically separated from other public and private networks by a “gap of air.” This means that the air-gapped network is cut off from the open network, external email, and any other means of communicating directly from one network to another.

Consider the following scenario: if a valley separates two hills, the only way to get to the other hill is by taking a direct path or using a mode of transportation, which could range from an overpass to a helicopter that carries you across. Bridges and helicopters in this scenario represent external network connections, such as public network access and email messages, which make it easier for attackers to latch onto and gain access to a private network.

But suppose these two hills are in a remote part of the world with no means of transportation or other way to cross between them. The valley between them is a chasm of air that few travelers will want to risk their lives to cross. Similarly, creating a barrier between your private network and other public networks deters most attacks because the attack vector has been complicated by isolation.

Data transmission in an air-gapped network can only occur through non-network means: removable hardware or media, such as a USB drive, can be used to transfer information in and out of an air-gapped network. Transient devices, such as laptops, can be authorised to communicate with the air-gapped network, but only with specific permissions. Consider these to be secret passageways or special access transportation that only authorised travellers can use to reach your air-gapped network. These, however, require a human with physical access to both machines as well as secure authentication credentials.
