The ultimate defense: What is an Air Gapped computer?

When you read about cyber security, you'll probably see "air-gapped" computer systems. It's a technical name for a simple idea: A system which is physically isolated from potentially dangerous networks. Or, in simpler terms, using an offline computer.

What is an Air Gapped Computer?

An Air Gapped computer has no wired (or wireless) connection to unsecured systems and networks.

For example, let's say you want to work on sensitive financial and business documents without any risk of ransomware, keyloggers and other malicious programs. You decide that you will simply set up an offline computer in your office and will not connect it to the Internet or to any network.

Congratulations: You just rediscovered the idea of an Air Gapped computer, even if you have never heard of it.

The term "Air Gapped" refers to the idea that there is an "air gap" between the computer and other networks. It is not connected to them and cannot be attacked through the network. An intruder would have to "cross the air gap" and physically sit in front of the computer to compromise it, as there is no way to access it electronically over a network.

When and why you should use Air Gap Computers

Not every computer task requires a network connection.

For example, look at critical infrastructure such as power stations. Computers are needed for industrial systems to work. However, for their own security, these computers do not need to be exposed to the Internet or to networks in general. This eliminates all network-based threats, and the only downside is that their operators must be physically present to control them.

You could also do it on computers in your home. For example, let's say you have some old software (or a ) that works best on Windows XP. If you are still using this old operating system, the safest way to do it is to make this Windows XP system Air Gapped. Windows XP is vulnerable to many attacks, but you are not at risk as long as you keep your Windows XP system off the network and use it offline.

Alternatively, if you are working on sensitive business and financial data, you could use a computer that is not connected to the internet. You will have maximum security and privacy for your work as long as you keep your device offline.

How Stuxnet attacked Air Gapped computers

Air Gapped computers are not immune to threats. People often use USB drives and other removable storage devices to move files between computers. For example, you can download an application to a networked computer, copy it to a USB drive, transfer it to an Air Gapped computer, and install it.

This opens up another avenue of attack, which may sound theoretical, but the advanced Stuxnet worm worked this way. It was designed to spread by infecting removable drives such as USB drives, allowing it to cross an "air gap" when someone connected an infected USB drive to a computer without a network connection. It then used other functions to spread through the Air Gapped network, as some Air Gapped computers within organizations connect to each other but not to the Internet. It was designed to target specific industrial software applications.

The Stuxnet worm is believed to have caused extensive damage to Iran's nuclear program and to have been built by the United States and Israel, but the countries involved have not confirmed any of this. Stuxnet was advanced malware designed to attack Air Gapped systems.

Other Possible Threats to Air Gapped Computers

There are other ways in which malware could communicate across Air Gapped networks, but they always need an infected USB drive or similar device to introduce the malware onto your computer.

For example, if malware was introduced onto an Air Gapped computer via a USB drive and there was another infected computer nearby that was connected to the Internet, the infected computers may be able to communicate using high-frequency audio sent through the computers' speakers and microphones. This is one of the many techniques presented at Black Hat USA 2018.

These are all very complex attacks, much more complicated than the ones we see in the average malware circulating on the internet. However, government hackers can use techniques we have not seen.

How to make an Air Gap computer

Just disconnect it from the network. Do not connect it to the Internet and of course do not connect it to a local network. Disconnect all Ethernet cables and turn off the computer's Wi-Fi and Bluetooth. For maximum security, consider reinstalling your computer operating system from a reliable installer.

Do not reconnect the computer to a network, even when you need to transfer files. If you need to download software, for example, use an Internet-connected computer, transfer the software to USB, and use this storage device to transfer files to and from that computer. This ensures that the system is Air Gapped and will not be compromised by an intruder over the network.

For best security, disable any wireless hardware on your computer. For example, if you have a desktop computer with a Wi-Fi card, open the computer's case and remove the Wi-Fi hardware. If you cannot do that, you could at least go into the system's BIOS or UEFI settings and turn off the Wi-Fi hardware there.

Theoretically, malware on your computer could reactivate the Wi-Fi hardware and connect to a Wi-Fi network. But that is a risk at a nuclear power plant, not at home.
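As an added example (not part of the original article), this Python script checks a machine for the conditions described above: a network interface with an active link, wireless hardware that is still installed, and a Wi-Fi or Bluetooth radio that is not blocked. It assumes a Linux system exposing the usual sysfs layout under /sys; the function names and the sample tree are constructed for illustration.

```python
import tempfile
from pathlib import Path

def _read(path):
    try:
        return path.read_text().strip()
    except OSError:  # attribute missing, or unreadable while the interface is down
        return ""

def audit_air_gap(sysfs_root="/sys"):
    """Return a list of findings; empty means no active link or live radio was seen."""
    root, findings = Path(sysfs_root), []
    net, rfkill = root / "class/net", root / "class/rfkill"
    for iface in sorted(net.iterdir()) if net.is_dir() else []:
        if iface.name == "lo":
            continue  # loopback traffic never leaves the machine
        wifi = (iface / "wireless").exists() or (iface / "phy80211").exists()
        if _read(iface / "carrier") == "1":  # "1" = cable plugged in or Wi-Fi associated
            kind = "wireless" if wifi else "wired"
            findings.append(f"{iface.name}: {kind} interface has an active link")
        elif wifi:
            findings.append(f"{iface.name}: wireless hardware is still present")
    for dev in sorted(rfkill.iterdir()) if rfkill.is_dir() else []:
        radio = _read(dev / "type")  # e.g. "wlan" or "bluetooth"
        blocked = "1" in (_read(dev / "soft"), _read(dev / "hard"))
        if radio in ("wlan", "bluetooth") and not blocked:
            findings.append(f"{dev.name}: {radio} radio is not blocked")
    return findings

def build_sample_sysfs(base):
    """Write a constructed sysfs-like tree: cabled eth0, idle wlan0, live Bluetooth."""
    files = {
        "class/net/lo/carrier": "1",
        "class/net/eth0/carrier": "1",
        "class/net/wlan0/wireless/.keep": "",
        "class/rfkill/rfkill0/type": "wlan",
        "class/rfkill/rfkill0/soft": "1",
        "class/rfkill/rfkill1/type": "bluetooth",
        "class/rfkill/rfkill1/soft": "0",
    }
    for rel, text in files.items():
        target = Path(base) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(text)
    return base

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print("\n".join(audit_air_gap(build_sample_sysfs(tmp))))
```

On a real machine, call `audit_air_gap()` with no argument so that it reads /sys directly.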

Be careful with the software you download and transfer to your system.

Finally, physical security is the only thing you need to worry about. For example, if you have a system holding sensitive business data in an office, it should probably be located in a secure area such as a locked room rather than in the center of a room where many people can access it.

iGuRu.gr The Best Technology Site in Greece


Written by Anastasis Vasileiadis
