What Makes Air Gapping Secure?
Most attacks are carried out remotely, far away from the target system. Breaches like the ones that happened to Wendy’s and Massachusetts General Hospital are often the work of a person or group that specializes in creating malware that can siphon sensitive data from corporate systems connected to the Internet. The most obvious solution is to air-gap the most sensitive data by storing it on a computer that isn’t connected to any network. Instead of transferring data to it over the web, someone has to go in and update the database manually.

The main disadvantage of an air gap is that connected systems cannot query any data stored on the air-gapped system. Because of this, its only feasible use is to archive things that other systems don’t need to reach on a daily basis, such as contracts, property deeds, and business-to-business transaction data. Basically, anything that is highly sensitive but isn’t accessed frequently can be air-gapped without any major impact.

Air gapping is often practiced in military organizations, stock exchanges, nuclear plants, oil and gas fields, and within some vehicles. (You wouldn’t want someone controlling your brakes remotely.)

Chances are you don’t own a multi-million-dollar enterprise, but you still air-gap information by storing it on USB sticks or external hard drives. Once the drives are disconnected from your computer, they can no longer be accessed by hackers. It’s a good way to store things like password lists. (Although it would be safer to use SSO services like PerfectCloud and LastPass for these things.)
The Threats
Storing data in an air-gapped system doesn’t necessarily mean that the data can’t be reached. Nothing protects a company from complacency. If it isn’t careful about who has physical access to the system, there’s an unaddressed risk of sabotage. An untrustworthy person can easily slip in a USB stick and download a portion of the data stored in the air-gapped machine.

Researchers at Ben-Gurion University have also designed a method through which an air-gapped machine can be infected and transmit its data through radio waves, heat, and even fluctuations in its cooling fans’ rhythm. That kind of covert channel makes it very difficult to tell what data has been accessed and who accessed it when the inevitable investigation takes place. To counter these threats, machines need routine security checkups, and people accessing the system need to be vetted thoroughly. The truly paranoid could isolate the computer from any sort of radio signalling and use liquid cooling.
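As an added example (not from the original article), one routine checkup for the USB risk described above is to review the air-gapped machine's kernel log for mass-storage attaches by devices that are not on an approved list. The log lines are constructed in the style of Linux kernel USB messages, and the hostname, allowlist and function name are assumptions.

```python
import re

# Assumption: (vendor id, product id, serial) of drives approved for manual transfers.
APPROVED = {("0781", "5581", "4C530001AAAA")}

# Constructed sample in the style of Linux kernel USB messages.
SAMPLE_LOG = """\
Mar 03 09:14:02 vault kernel: usb 1-2: New USB device found, idVendor=0781, idProduct=5581, bcdDevice= 1.00
Mar 03 09:14:02 vault kernel: usb 1-2: SerialNumber: 4C530001AAAA
Mar 03 09:14:02 vault kernel: usb-storage 1-2:1.0: USB Mass Storage device detected
Mar 03 09:40:10 vault kernel: usb 1-2: USB disconnect, device number 4
Mar 07 22:51:37 vault kernel: usb 1-2: New USB device found, idVendor=abcd, idProduct=1234, bcdDevice= 1.00
Mar 07 22:51:37 vault kernel: usb 1-2: SerialNumber: ZZ99TEST0001
Mar 07 22:51:38 vault kernel: usb-storage 1-2:1.0: USB Mass Storage device detected
Mar 09 08:00:00 vault kernel: usb 1-3: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 64.00
"""

FOUND = re.compile(r"usb (\S+): New USB device found, idVendor=(\w{4}), idProduct=(\w{4})")
SERIAL = re.compile(r"usb (\S+): SerialNumber: (\S+)")
GONE = re.compile(r"usb (\S+): USB disconnect")
STORAGE = re.compile(r"^(.{15}) .*usb-storage ([\d.-]+):[\d.]+: USB Mass Storage device detected")


def unapproved_storage(log, approved=APPROVED):
    """Return (timestamp, port, vid, pid, serial) for each unapproved storage attach."""
    seen, findings = {}, []  # seen: port -> [vid, pid, serial] of the device now plugged in
    for line in log.splitlines():
        if m := FOUND.search(line):
            seen[m[1]] = [m[2].lower(), m[3].lower(), None]
        elif (m := SERIAL.search(line)) and m[1] in seen:
            seen[m[1]][2] = m[2]
        elif m := GONE.search(line):
            seen.pop(m[1], None)  # forget the device so the next one on this port starts clean
        elif m := STORAGE.search(line):
            # A storage attach with no logged descriptor is treated as unknown, not trusted.
            dev = tuple(seen.get(m[2], [None, None, None]))
            if dev not in approved:
                findings.append((m[1], m[2], *dev))
    return findings


if __name__ == "__main__":
    for finding in unapproved_storage(SAMPLE_LOG):
        print("unapproved USB storage:", finding)
```

Serial numbers and IDs are reported by the device itself, so a match on the approved list is a screening aid and does not replace controlling who has physical access.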
The Takeaway
Although there are some ways to undermine air gapping, it still stands as the most secure way to store data. From here on, the issue becomes complacency, a vice that has taken down giants for thousands of years. The point is that regardless of what security measures you have in place, your prudence is key to making sure that they work the way they should.