What is an Air-Gapped Computer?
An air-gapped computer is a computer that is isolated from unsecured networks, meaning that it is not connected to the internet or to any other system that is connected to the internet. A computer that is truly air-gapped will also be physically isolated, meaning that data can only be passed to it physically via USB, removable media, etc. Air-gapped computers are most often found in high-security environments such as [1]:
- Military computer systems and networks
- Government computer systems and networks
- Financial computer systems and networks
- Industrial control systems such as Supervisory Control and Data Acquisition (SCADA)
- Life-critical systems:
  - Nuclear power plants
  - Aviation computers:
    - Full Authority Digital Engine Controls (FADECs)
  - Medical equipment
Businesses of all sizes can benefit from air-gapped backups, which protect data from being destroyed, accessed, or manipulated in the event of a cyberattack or other disaster. Keep the following tips in mind when implementing air-gapped backups:
- Air-gapped backups should be stored in a secure location that is not accessible to unauthorized personnel.
- Air-gapped backups should be updated regularly, typically daily or weekly.
- Air-gapped backups should be tested periodically to ensure that they can be used to restore data in the event of a disaster.
- Air-gapped backups should be encrypted to protect sensitive data from being accessed by unauthorized personnel.
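The "updated regularly" and "tested periodically" tips can be checked mechanically during a test restore. The following is an added example, not part of the original article: the function names, the manifest layout and the 7-day threshold are assumptions, and the sample files are constructed.

```python
import hashlib, shutil, tempfile
from pathlib import Path

MAX_AGE_DAYS = 7  # assumption: weekly is the longest acceptable interval

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(source_dir, created):
    """Hash every file at backup time; `created` is epoch seconds."""
    root = Path(source_dir)
    files = {p.relative_to(root).as_posix(): sha256_file(p)
             for p in sorted(root.rglob("*")) if p.is_file()}
    return {"created": created, "files": files}

def audit_restore(manifest, restored_dir, now):
    """Compare a test restore against the manifest; return a list of findings."""
    root, findings = Path(restored_dir), []
    age_days = (now - manifest["created"]) / 86400
    if age_days > MAX_AGE_DAYS:
        findings.append(f"stale: backup is {age_days:.0f} days old")
    for rel, digest in manifest["files"].items():
        target = root / rel
        if not target.is_file():
            findings.append(f"missing: {rel}")
        elif sha256_file(target) != digest:
            findings.append(f"modified: {rel}")
    restored = {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}
    findings += [f"unexpected: {rel}" for rel in sorted(restored - set(manifest["files"]))]
    return findings

def demo():
    """Constructed sample data: three files, restored with one lost and one altered."""
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as dst:
        for name, body in [("ledger.csv", b"id,amount\n1,100\n"),
                           ("config/app.ini", b"[db]\nhost=10.0.0.5\n"),
                           ("notes.txt", b"quarterly close\n")]:
            path = Path(src) / name
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_bytes(body)
        manifest = build_manifest(src, created=0)
        shutil.copytree(src, dst, dirs_exist_ok=True)
        (Path(dst) / "notes.txt").unlink()
        (Path(dst) / "ledger.csv").write_bytes(b"id,amount\n1,999\n")
        return audit_restore(manifest, src, 86400), audit_restore(manifest, dst, 10 * 86400)
```

An empty findings list means the restore matched the manifest and the backup is within the age limit; any entry is a reason to treat the backup as unusable until investigated.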
While air-gapped computers and air-gapped backups offer effective data protection, they are still vulnerable to many kinds of threats. Examples of threats to air-gapped computers include:
- Social engineering/insider threats. A person can breach an air-gapped computer, wittingly or unwittingly, by connecting portable media to it.
- Acoustic. Acoustic methods can include hackable smartphones that are capable of picking up audio signals that humans cannot differentiate from background noise, and ultrasonic waves with higher frequencies that are both inaudible and provide greater bandwidth.
- Electromagnetic. Electromagnetic techniques involve eavesdropping on electromagnetic (EM) radiation from the computer and monitoring leakage from USB ports and cables.
- Optical. Optical techniques include the use of easily hacked LED surveillance cameras that can transmit substantial amounts of information.
[1] Nohe, 2018, “What is an Air Gapped Computer?”