Posted on May 9, 2024 in Technology

What is Air Gapping?

You might have heard it in the Matrix, or in a heist movie: what does “air gapping” mean?

Normal Devices, IoT Devices, etc.

In today’s age, many devices have internet capabilities. Your washer, your dryer, your coffee machine, your fish tank equipment, and things like glucose monitors and portable speakers are all now capable of connecting to the internet. Is it efficient? Sure, if you want those features – they wouldn’t still be made with WiFi enabled if they didn’t provide some use to the end consumer that was greater than the annoyance of getting it all set up. Is it safe?

No! Generally speaking, IoT devices are poorly defended and often don’t even come with passwords to prevent unauthorized parties from accessing their internal computers. A compromised device can then act as a gateway to other parts of the network – your home computer, with its tax documents, or your business computer that shares a network with the coffee machine, where valuable internal documents can be seen. One unlucky casino had their devices infected with ransomware after a fish tank thermometer allowed an unsavory agent to connect to it (learn more here on Forbes: https://www.forbes.com/sites/leemathews/2017/07/27/criminals-hacked-a-fish-tank-to-steal-data-from-a-casino/?sh=4be5c0832b96 ).

It’s unfortunate, but many networks are not as well protected as they need to be, even without an IoT device providing an easy door in. Even crucial networks can be manipulated. The only way to truly secure a computer from outside threats is to not allow it any access to the outside at all.

Locked Away in a Tower

An air gapped computer may still be part of a network with other computers on it, but every part of an air gapped network is kept in physical isolation from the outside world and from any computers that are allowed to touch the internet at large.

It has no network interfaces: other devices cannot see the air gapped ones wirelessly. It will not receive updates, but it also will not be exposed to the online threats that a lack of updates can present. If data must be transferred to an air gapped system, it must be done via a physical data device like a thumbdrive or disk. You may see an issue there – a malicious party could gain access and deliver a virus or malicious program on a device to infect the air gapped computer, so physical access must be tightly controlled as well. Famously, a nuclear reactor in Iran was infected with a virus known as Stuxnet via a thumbdrive, which caused a significant setback to operations in the plant by damaging centrifuges.

Systems requiring less protection can use things like data diodes to filter their incoming information – an unclassified computer can talk to a classified one, but only if the data is determined to be safe coming in, and only if the data leaving the classified system is carefully monitored to prevent exactly the situation such devices are used for in the first place.

Vulnerabilities

As mentioned above, the easiest way to get into an air gapped network is to somehow get close to the system physically with a portable data device like a thumbdrive. But a number of other methods to steal or transmit data exist too! A couple of researchers found success by transmitting acoustic signals, or using a cellphone to broadcast at certain frequencies – the computer was contacted and internal equipment was manipulated into behaving like an antenna, transmitting data back to the phone. Furthermore, if someone does get into the system, viruses are often able to spread much faster than they would on other networks, because air gapped systems are not updated as frequently thanks to their lack of internet connection. Security holes not present in other systems might still be found in air gapped ones!