Air gapped network12/28/2023 Now granted, all three of these research projects describe pretty unique situations, and perhaps unlikely if not difficult to construct out in the real world. This latter research builds on earlier work done in Germany with the propagation of audio signals across another air gap network in their test lab.Ĭlearly, having just "air" as a gap can no longer protect your computer from potential attacks, whether they be transmitted by light or sound. The phone was able to "listen" to the radio signals that came from an ordinary VGA video cable attached to a PC and a monitor and decode the information typed on the PC. They tricked the app into thinking that the headphone cable was connected (many phones use this as an antenna to capture FM radio signals) and to activate the phone's radio receiver. In this attack, researchers disassembled one of the Android media player files that interacted with the smart phone's FM radio to figure out how to move information to the phone over those frequencies. The same team that worked on the printer exploit also published another paper highlighting a second mechanism. That article cites research at Ben Gurion University. This isolates the desktop session to inside your data center, where at least you can apply some solid security to these remote users.Įarlier in October, we wrote about one way that air gaps could be comprised, through the use of all-in-one printers that can flash lights from their scanning bed if the cover is left open. Think about using Virtual Desktop Infrastructure if you are going to be running a lot of apps across the Internet.They have so many communications pathways that it can be almost impossible to keep anything securely from them. Don't connect your PC to the Internet.Install special TEMPEST-style radio frequency protection, to trap any errant RF monitoring from your most sensitive computers.Disable any removable USB ports and other media slots such as CD drives (some IT managers use superglue and others use endpoint protection software) so that no external media can be attached to your computer to infect or exfiltrate any data.(Related infographic: How Stuxnet worked) How to isolate your network Obviously, someone went to great lengths to create Stuxnet – which only worked under these limited circumstances and only could cause harm to a particular Siemens centrifuge controller – but still it is an example of how even the best planned air gaps can have their weaknesses. Even though the centrifuges were controlled by isolated PCs, the plant's workers would download files to USB drives from Internet-connected computers and then carry them into the plant's protected area. It was accomplished by infecting an Internet-attached PC with malware that was looking for USB thumb drives attached to the infected PCs. The virus contained specialized code to take over the nuclear centrifuges that were running in the plant and deliberately overspin them and damage the gear. Perhaps the biggest known exploit of an air gap network occurred several years ago, when the Stuxnet virus was specifically designed to get inside the Iranian nuclear facility at Natanz. Īir gaps have been around for many years, and have found their way into military and intensely secure installations as you might imagine. The notion is called an "air gap network" and the idea is to isolate a PC from the big bad Internet and any other communications networks so as to have complete security with the information that resides therein. One of the more interesting security best practices is about to get turned on its head, thanks to some cutting-edge research at a small Israeli think tank and elsewhere.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |