First, let’s talk about what a physical air gap is and why you’d implement one at all.
What is an Air-Gapped Computer?
An air gap by definition is a physical separation of two assets, literally air between two things. Okay, jokes aside, air gaps have been used to secure some of the most crucial assets organizations and nations care about, think nukes to intellectual property.
Why Air Gap?
The entire goal of a physical air gap is to secure sensitive information so that cyber attackers can’t get their hands on it. All organizations have information assets that are core to their business, but some are so crucial and would pose such a severe impact if compromised that organizations have chosen to air gap these resources from the rest of their information assets.
What Do Companies Air Gap?
Air-gapped assets differ for every company. They may include everything from payment systems, medical devices and PCI (payment card information) servers, to SCADA and ICS network devices. For instance, oil & gas/energy enterprises frequently separate this core infrastructure from the corporate network to prevent compromise of the pumps and meters. This is critical for ensuring uptime and availability, as any unwanted adjustment could not only be a financial loss, but could be truly catastrophic to their customers and the public at large.
What are the Risks of a Physical Air Gap?
The intention of an air gap separation is to increase security. But an air gap also introduces complications. Since these devices are segmented from a company’s less restricted networks, including any web-facing device or network, they are difficult to patch, monitor and upgrade. It’s also more challenging for users to move back and forth between network-connected devices and air-gapped devices. As a result, users often find workarounds. For example, some use USB drives to transfer data between environments for ease of use, but this totally wipes away the security benefit provided by the air gap. While the goal of the air gap is to increase security measures, the infrastructure is still only as secure as the users who operate the devices and the policies and procedures that they follow (or not).
How to Breach an Air Gap?
It may not come as a surprise then that an air gap is not 100% guaranteed to be breach-proof. There are a number of ways that cyber attackers can find their way to air-gapped assets:
- Physical (USB drives, removable media, smartphones, etc.)
  - Many of these systems are updated via external media. But by allowing these peripheral devices to connect, vulnerabilities can be introduced by a corrupted piece of media; malware attacks like the Stuxnet breach are a prime example.
- Backdoor into firmware via software libraries
  - If corrupted, applications running on these air-gapped systems can introduce vulnerabilities to the device and expose sensitive information to compromise.
- Insider Threat
  - Information security concerns are not all technical; malicious actors are not always external. A rogue or unaware employee may compromise the air-gapped devices and introduce an entry point to the air-gapped computer systems.
How to Protect an Air Gap?
You can try to prevent some of the above breaches by enacting these restrictions:
- Protect against Peripheral Access
  - Block all external media from connecting to the air-gapped critical systems.
- Reduce software dependencies for these systems
  - Avoid patching and upgrading systems unless crucial to the targeted task.
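As an added example (not from the original post), the script below audits a Linux host for the "block all external media" control above. It assumes the standard locations /etc/modprobe.d and /etc/udev/rules.d, and it distinguishes a blacklist-only setting (which stops automatic loading but still allows an explicit `modprobe usb-storage`) from the stronger `install usb-storage /bin/false` policy.

```python
"""Audit Linux configuration for the controls that block USB mass storage on an
air-gapped host: a modprobe policy for the usb-storage kernel module and a udev
rule that de-authorizes devices bound to that driver. Functions take file text
so they can run against copies of /etc collected from the isolated machine."""
import re
from pathlib import Path

# Constructed sample configurations (not copied from any real host).
WEAK_MODPROBE = "# no usb-storage policy at all\nblacklist pcspkr\n"
# 'blacklist' only stops automatic loading by alias; 'modprobe usb-storage' still works.
BLACKLIST_ONLY = "blacklist usb-storage\n"
# 'install ... /bin/false' makes explicit module loads fail as well.
HARDENED_MODPROBE = "blacklist usb-storage\ninstall usb-storage /bin/false\n"
HARDENED_UDEV = ('ACTION=="add", SUBSYSTEMS=="usb", DRIVERS=="usb-storage", '
                 'ATTR{authorized}="0"\n')

def _directives(text):
    """Yield non-empty lines with comments stripped."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            yield line

def modprobe_status(text):
    """Return 'blocked', 'autoload-only' or 'open' for the usb-storage policy in modprobe.d text."""
    blacklisted = False
    for line in _directives(text):
        # modprobe treats usb-storage and usb_storage as the same module name.
        if re.fullmatch(r"install\s+usb[-_]storage\s+/bin/(false|true)", line):
            return "blocked"
        if re.fullmatch(r"blacklist\s+usb[-_]storage", line):
            blacklisted = True
    return "autoload-only" if blacklisted else "open"

def udev_deauthorizes_usb_storage(text):
    """True if a udev rule sets authorized=0 for devices on the usb-storage driver."""
    for line in _directives(text):
        if (re.search(r'DRIVERS?=="usb-storage"', line)
                and re.search(r'ATTRS?\{authorized\}="0"', line)):
            return True
    return False

def audit(modprobe_dir, udev_dir):
    """Combine every *.conf and *.rules file under the given directories into one verdict."""
    modprobe_text = "\n".join(p.read_text() for p in Path(modprobe_dir).glob("*.conf"))
    udev_text = "\n".join(p.read_text() for p in Path(udev_dir).glob("*.rules"))
    return {"modprobe": modprobe_status(modprobe_text),
            "udev": udev_deauthorizes_usb_storage(udev_text)}

if __name__ == "__main__":
    print(audit("/etc/modprobe.d", "/etc/udev/rules.d"))
```

A result of `autoload-only` means media is only blocked until someone loads the module by hand, so pair the modprobe policy with the udev rule and treat anything other than `blocked` plus `True` as a finding.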
A New Approach to the Air Gap
There are some obvious limitations to an air-gapped system, which raises the question: are the same cybersecurity benefits possible without the limitations of a physical air gap? Can network restrictions be enforced and peripheral connections be blocked or controlled to mimic an air gap, but deliver increased functionality? We believe so. Check out our approach to privileged access workstations (PAW).