in ,

The ultimate defense: What is an Air Gapped computer?

When you read about cybersecurity, you will probably also see "air-gapped" computer systems. It's a technical name for a simple idea: A computer system that is naturally isolated from potentially dangerous networks. Or, in simpler terms, using an offline computer.

What is an Air Gapped Computer?

An Air Gapped computer has no physical (or wireless) connection to insecure systems and networks.

For example, suppose you want to work on sensitive financial and business documents without any risk of ransomware, keyloggers and other malware. You decide to just set up an offline computer in your office and not connect it to the Internet or any network.

Congratulations: You just rediscovered the idea of ​​Air Gapped a computer, even if you have never heard of it.

The term "Air Gapped" refers to the idea that there is "air gap" between the computer and other networks. It is not connected to them and can not be attacked through the network. An intruder would have to "cross the air gap" and naturally sit in front of the computer to endanger it, as there is no way to access it electronically over a network.

When and why you should use Air Gap Computers

No network connection is required for every computer task.

For example, look at critical infrastructure such as power stations. Computers are needed for industrial systems to work. However, these computers do not need to be exposed to the Internet and the network in general for their security. This eliminates all the threats that the network uses and the only downside is that their operators must be physically present to control them.

You could also do it on your home computers. For example, suppose you have older software (or a game) that works better in Windows XP. If you are still using this old operating system, the safest way to do this is to get this Windows XP Air Gapped system. Windows XP is vulnerable to many attacks, but you do not run the risk of keeping your Windows XP system offline and offline.

Alternatively, if you are working on sensitive business and financial data, you could use a computer that is not connected to the internet. You will have maximum security and privacy for your work as long as you keep your device offline.

How Stuxnet attacked Air Gapped computers

Air Gapped computers are not inaccessible to threats. For example, people often use USB drives and other removable storage devices to move files between computers. For example, you can download an application to a networked computer, mount it on a USB drive, transfer it to an Air Gapped computer, and install it.

This is another form of attack in a theoretical context. The advanced Stuxnet worm worked this way. It is designed to spread by infecting removable drives such as USB drives, allowing it to break an "Air Gapped" when someone connects an infected USB to computers without a network. They then used other functions to spread through the Air Gapped network, as some Air Gapped computers within organizations connect to each other but not to the Internet. Designed to target specific industrial software applications.

The Stuxnet worm is believed to have caused extensive damage to Iran's nuclear program and was built by the United States and Israel, but the countries involved have not confirmed any of this. Stuxnet was advanced malware designed to attack Air Gapped systems.

Other Possible Threats to Air Gapped Computers

There are other ways in which malware could infiltrate Air Gapped networks, but you always need an infected USB drive or similar device to insert the malware into your computer.

For example, if malware introduced on an Air Gapped computer via a USB drive and there was another infected computer near the Internet, the infected computers may be able to communicate over high-frequency audio data using the speakers and computer microphones. This is one of the many techniques presented at Black Hat USA 2018.

These are all very complex attacks, much more complicated than the ones we see in the average malware circulating on the internet. However, government hackers can use techniques we have not seen.

How to make an Air Gap computer

Just disconnect it from the network. Do not connect it to the Internet and of course do not connect it to a local network. Disconnect all Ethernet cables and turn off the computer's Wi-Fi and Bluetooth. For maximum security, consider reinstalling your computer operating system from a reliable installer.

Do not reconnect the computer to a network, even when you need to transfer files. If you need to download software, for example, use an Internet-connected computer, transfer the software to USB, and use this storage device to transfer files to and from that computer. This ensures that the system is Air Gapped and will not be compromised by an intruder over the network.

For best security, turn off any wireless hardware on your computer. For example, if you have a desktop computer with a Wi-Fi card, turn on the computer and remove the Wi-Fi hardware. If you can not do that, you could at least switch to the hardware from the system BIOS or UEFI and turn off Wi-Fi.

Theoretically, malware on your computer could reactivate Wi-Fi hardware and connect to a Wi-Fi network. But this can be done at a nuclear power plant, not at home.

Be careful with the software you download and transfer to your system.

Finally, physical security is the only thing you need to worry about. For example, if you have a sensitive business data system in an office, it should probably be located in a safe area such as a locked room rather than in the center of a room where many people can access.



Subscribe to the Blog via Email

Enter your email to subscribe to the email notification service for new posts.

Read them Technology News from all over the world, with the validity of

Follow us on Google News at Google news