Air-gapped networks are used to protect many critical systems, including those that support the stock market, the government and industrial power industries. Separating sensitive IT systems from the internet using an 'air-gap' is secure and effective. However, it carries its own risks when data moves between the air-gapped and connected systems. Modern systems cannot yet provide security protections strong enough for them to be 'trusted' with the most sensitive data while concurrently being exposed to untrusted data streams. While an air-gapped system can protect data-at-rest, a completely isolated system or computer can be of limited value. Many inevitably require the system to connect with the internet indirectly, or to send and receive data from internet-connected systems, where they are more vulnerable to a range of attacks.
There are a variety of methods through which air-gapped systems can be compromised, such as physical flash drives that install malware, unaccounted-for VPNs and other connections inherent in many older ICS networks. Air-gaps are conceptually simple, but hard to maintain in practice. The truth is that nobody wants a computer that never receives files from the Internet and never sends files out into the Internet. What they want is a computer that's not directly connected to the Internet, albeit with some secure way of moving files on and off. But every time a file moves back or forth, there's the potential for attack. That's essentially the dilemma the Defense Advanced Research Projects Agency (DARPA) is attempting to solve.
Recommendation
While several countermeasures against electromagnetic exploits have been proposed, there is no perfect solution. One of the most effective methods to prevent electromagnetic exploits is to make it difficult for an attacker to collect an electromagnetic signal at the physical level, such as by creating space between the air-gapped system and outside walls or by using a Faraday cage to prevent electromagnetic radiation (EMR) from escaping. These measures may seem extreme, but close-proximity side-channel attacks can be used to intercept data, such as keystrokes or screen images, from demodulated EMR waves.
End user security awareness training is the most viable solution to secure a computing device or network from an air-gap attack. The Stuxnet worm, which was designed to attack air-gapped industrial control systems, is thought to have been introduced by infected thumb drives found by employees or obtained as free giveaways.