The Air-Gap Dilemma

Air-gapped networks are used to protect many critical systems, including those that support the stock market, the government and industrial power industries. Separating sensitive IT systems from the internet using an 'air-gap' is secure and effective. However, it carries its own risks when data moves through the air-gapped to connected systems. Now, modern systems are incapable of creating security protections sufficiently such that they can be 'trusted' with the most sensitive data while concurrently being exposed to untrusted data streams. While an air-gapped system can protect data-at-rest, a completely isolated system or computer can be of limited value. Many inevitably require the system to connect with the internet indirectly or send and receive data from internet-connected systems where they are more vulnerable to a range of attacks.

There are variety of methods through which air-gapped systems can be compromised, such as the use of physical flash drives that install malware, unaccounted-for VPNs and other connections inherent in many older ICS networks. Air-gaps are conceptually simple, but are hard to maintain in practice. The truth is that nobody wants a computer that never receives files from the Internet and never sends files out into the Internet. What they want is a computer that's not directly connected to the Internet, albeit with some secure way of moving files on and off. But every time a file moves back or forth, there's the potential for attack. That's essentially the dilemma Defense Advanced Research Projects Agency (DARPA) is attempting to solve.

Recommendation

While there are several countermeasures against electromagnetic exploits that have been proposed, there is no perfect solution. One of the most effective methods to prevent electromagnetic exploits is to make it difficult for an attacker to collect an electromagnetic signal at the physical level such as creating space between the air-gapped system and outside walls or using a Faraday cage to prevent electromagnetic radiation (EMR) from escaping. Although these measures seem extreme, Close-proximity side channel attacks can be used to intercept data, such as key strokes or screen images from demodulated EMR waves.

End user security awareness training is the most viable solution to secure a computing device or network from an air-gap attack. The epic story of Stuxnet worm that was designed to attack air-gapped industrial control systems, is thought to have been introduced by infected thumb drives found by employees or obtained as free giveaways.