The ultimate defense: What is an Air Gapped computer?

When you read about security in cyberspace, you will probably also come across "air-gapped" computer systems. It is a technical name for a simple idea: a computer that is physically isolated from potentially dangerous networks. Or, in simpler terms, using a computer without a network connection.

What is an Air Gapped Computer?

An Air Gapped computer has no physical (or wireless) connection to insecure systems and networks.

For example, let's say you want to work on sensitive financial and business documents without any risk of ransomware, keyloggers and other malicious programs. You decide that you will just set up an offline computer in your office and not connect it to the Internet or any network.

Congratulations: You just rediscovered the idea of an Air Gapped computer, even if you have never heard of it.

The term "Air Gapped" refers to the idea that there is an "air gap" between the computer and other networks. It is not connected to them and cannot be attacked through the network. An intruder would have to "cross the air gap" and physically sit in front of the computer to compromise it, as there is no way to access it electronically over a network.

When and why you should use Air Gap Computers

Not every computer task requires a network connection.

For example, look at critical infrastructure like stations. Computers are needed to run industrial systems. However, for their security, these computers do not need to be exposed to the Internet or to networks in general. This rules out all network-borne threats, and the only downside is that their operators need to be physically present to check them.

You could also do it on your home computers. For example, suppose you have old software (or a game) that works best on Windows XP. If you are still using this old operating system, the safest way to do it is to make this Windows XP system Air Gapped. Windows XP is vulnerable to many attacks, but you are not at risk as long as you keep your Windows XP system off the network and use it offline.

Alternatively, if you are working on sensitive business and financial data, you could use a computer that is not connected to the internet. You will have maximum security and privacy for your work as long as you keep your device offline.

How Stuxnet attacked Air Gapped computers

Air Gapped computers are not immune to threats. For example, people often use USB drives and other removable storage devices to move files between computers. You can download an application on a networked computer, put it on a USB drive, transfer it to the Air Gapped computer, and install it.

This opens another avenue of attack, and it is not merely theoretical: the sophisticated Stuxnet worm worked this way. It was designed to spread by infecting removable drives such as USB drives, enabling it to cross an air gap when someone plugs an infected USB drive into computers without a network connection. It then used other features to spread through an Air Gapped network, since some Air Gapped computers within organizations are connected to each other but not to the Internet. It was designed to target specific industrial software applications.

The Stuxnet worm is believed to have caused extensive damage to Iran's nuclear program and to have been built by the United States and Israel, but the countries involved have not confirmed any of this. Stuxnet was advanced malware designed to attack Air Gapped systems.

Other Possible Threats to Air Gapped Computers

There are other ways in which malware could infiltrate Air Gapped networks, but you always need an infected USB drive or similar device to insert the malware into your computer.

For example, if malware was introduced on an Air Gapped computer via a USB drive and there was another infected computer nearby that was connected to the Internet, the infected computers may be able to communicate by sending data as high-frequency audio using the computers' speakers and microphones. This is one of the many techniques presented at Black Hat USA 2018.

These are all very complex attacks, much more complicated than the ones we see in the average malware circulating on the internet. However, government hackers can use techniques we have not seen.

How to make an Air Gap computer

Just disconnect it from the network. Do not connect it to the Internet and of course do not connect it to a local network. Disconnect all Ethernet cables and turn off the computer's Wi-Fi and Bluetooth. For maximum security, consider reinstalling your computer operating system from a reliable installer.

Do not reconnect the computer to a network, even when you need to transfer files. If you need to download software, for example, use an Internet-connected computer, transfer the software to USB, and use this storage device to transfer files to and from that computer. This ensures that the system is Air Gapped and will not be compromised by an intruder over the network.

For best security, turn off any wireless hardware on your computer. For example, if you have a desktop computer with a Wi-Fi card, open the computer and remove the Wi-Fi hardware. If you cannot do that, you could at least go into the system BIOS or UEFI and turn off the Wi-Fi hardware there.

Theoretically, malware on your computer could reactivate Wi-Fi hardware and connect to a Wi-Fi network. But that is something to worry about at a nuclear power plant, not at home.
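The steps above (no cable link, no Wi-Fi hardware, radios off) can be checked rather than assumed. The following script is an added example, not part of the original article; it assumes a Linux host with the standard sysfs layout, and the name `airgap_audit` is hypothetical.

```shell
#!/bin/sh
# Added example: audit a Linux host against the air-gap steps above.
# Assumption: Linux sysfs layout; airgap_audit is a hypothetical name.
# Usage: airgap_audit [SYSFS_ROOT]   (default /sys)
# Prints one FAIL line per finding; returns 0 only when nothing is found.
airgap_audit() {
    root=${1:-/sys}
    findings=0

    for dev in "$root"/class/net/*; do
        [ -e "$dev" ] || continue
        name=${dev##*/}
        if [ "$name" = "lo" ]; then continue; fi   # loopback never leaves the host

        # Wi-Fi hardware still installed and visible to the kernel.
        if [ -d "$dev/wireless" ] || [ -e "$dev/phy80211" ]; then
            echo "FAIL wireless interface present: $name"
            findings=$((findings + 1))
        fi

        # carrier reads 1 when a cable is plugged in or a link is established;
        # the read fails on an interface that is administratively down.
        carrier=$(cat "$dev/carrier" 2>/dev/null || echo 0)
        if [ "$carrier" = "1" ]; then
            echo "FAIL link is up on: $name"
            findings=$((findings + 1))
        fi
    done

    # rfkill lists every radio (wlan, bluetooth, ...). A radio that is neither
    # soft-blocked nor hard-blocked can transmit.
    for rf in "$root"/class/rfkill/*; do
        [ -e "$rf" ] || continue
        kind=$(cat "$rf/type" 2>/dev/null || echo unknown)
        soft=$(cat "$rf/soft" 2>/dev/null || echo 0)
        hard=$(cat "$rf/hard" 2>/dev/null || echo 0)
        if [ "$soft" = "0" ] && [ "$hard" = "0" ]; then
            echo "FAIL radio not blocked: ${rf##*/} ($kind)"
            findings=$((findings + 1))
        fi
    done

    [ "$findings" -eq 0 ]
}

# Run against the live system only when asked: sh airgap_audit.sh --audit
if [ "${1:-}" = "--audit" ]; then
    airgap_audit /sys && echo "OK no network link or active radio found"
fi
```

Running it on a schedule and keeping the output also shows when a radio that was switched off has been turned back on.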

Be careful with the software you download and transfer to your system.

Finally, physical security is the only thing you need to worry about. For example, if you have a sensitive business data system in an office, it should probably be located in a safe area such as a locked room rather than in the center of a room where many people can access it.

iGuRu.gr The Best Technology Site in Greece


Written by Anastasis Vasileiadis
