What is an air gap and why do security teams use them?
Air gaps remain a go-to resource in the cyber security arsenal, yet experts warn these systems aren’t inherently unbreachable
An air gap is a security strategy in which computer networks are physically isolated, with no connection to external networks such as the internet. Air-gapped computers or networks are prized by security professionals for their ability to provide a unique balance between access and security for an entity’s most critical information.
Air gaps come with their own benefits and drawbacks and are usually deployed in specific cases where data is considered absolutely critical enough to be walled away from would-be attackers. This doesn’t mean that air gaps are foolproof, however, as creative threat actors often attempt and sometimes succeed at breaching air-gapped networks.
Types of air gaps
Air gaps fall into three main categories based on the entities that use them and the level of security they provide.
Total Physical Air Gap
This non-internet-connected network is in a physical space away from any internet-connected devices. The air gap’s hardware could be locked in another room, or in some high-security cases even stored off-site in its own containment building. Firms that use this type of air gap seek the most intensive level of security an air gap can provide. Even so, attackers can use isolation to exploit physical security weaknesses.
For instance, when threat actors can’t physically get into a network, they’ll tap into networks that control the environment of said systems. In a guest lecture Yuval Elovici of Tel Aviv University provides an example in which attackers hacked the temperature control system of a room holding a firm’s air-gapped hardware. They then changed the room temperature, negatively affecting the hardware’s internal temperature sensors. In that way, threat actors were able to disable a system through encryption barriers.
Same-Environment Air Gap
In this type of air gap, hardware containing sensitive information lives alongside other hardware connected to external networks. For some companies, that separation is as simple as unplugging a server from the network, while the server above it in the rack uses external connectivity.
This can cause challenges with security, as it’s easy for a well-meaning (or a not-so-well-meaning) employee to connect an air-gapped device to the internet, subjecting sensitive data to greater breach exposure.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Air gaps connected to an internal DNS service offer a common point of weakness. The challenge of pulling DNS data from an air-gapped DNS and moving it to where it’s most useful can be laborious, leading some to take the route of a “quick” connection to external networks to complete a data migration. It’s important to note that physical proximity between connected and air-gapped - devices increases the likelihood of exposing air-gapped devices to to an internet-connected (and therefore higher--risk) network.
Logical Air Gap
This form of air gap involves software such as a firewall or encryption to bar both physical and connectivity access to a chosen device. Adevice subjected to a logical air gap may be plugged into the broader network, but it can’t access the internet nor be accessed via the internet unless the encryption is broken. Simi Logical air gaps also separate from the network via role-based access control.
Companies often roll out logical air gaps through encryption codes. Even though a device is connected to the internet, the data is inaccessible without a key to unlock encryption. Companies that want to use this type of air gap pay close attention to user access permissions. At times, the logical air gap doesn’t remove or even reduce breach risk since the requirement to keep login data private is transferred to the user. A successful phishing attack could breach a role-based access control system and even an encrypted one if users are careless with encryption keys.
Pros and cons of air gaps
The most evident pro of using air gaps is the protection it gives critical data. As the last, best resort to shield information from hackers in the event of a data breach, air gaps are an intensive but clear strategy for ultimate data protection.
Experience the benefits that come from migrating to an IaaS platform
DOWNLOAD NOW
While data encryption can prevent attackers from using stolen data, it cannot protect files from being encrypted with ransomware or corrupted beyond recovery with a wiper like CryWiper. Patient hackers may also choose the ‘steal now, crack later’ approach and sit on stolen data for years until quantum computing develops to the point where they can decrypt it. Air gaps circumvent these concerns by making secure networks almost impossible to access in the first place.
The primary cons of air gaps come from the added administrative / system-management workload that comes from successfully running an air gap network.
Here are two examples of added admin workload of air gap management:
- More resources needed for security updates: Security updates to air-gapped networks are manual by necessity and must, therefore, be managed more closely than internet-connected networks. This could allow exploitable vulnerabilities within networks to escape patch management, while also putting extra strain on already burned-out security teams. that threat actors can leverage to access sensitive data.
- Threat exposure through backups: If an admin uses a USB to transfer backup data, it opens the network up to being compromised. Threat actors have successfully breached air gaps by hiding malicious code in USBs. For instance, attackers could place malware on a USB plugged into an internet-connected. If an internal user then takes the USB and plugs it into an air-gapped device or network, they will transfer the malware to the protected network and ruin any protections the physical separation of an air gap offered. Some organizations ban the use of USBs altogether to avoid this type of attack vector.
This adds more responsibility to admins when critical information stored in the air gap needs to be taken out and stored.
Some IT leaders opt for the tried-and-true backup mediumof tape to store air gap data. Every few years the tape medium disintegrates and organizations will need to have an aggressive backup routine to mitigate that risk. Alternatives such as glass data storage are slowly becoming reality, but until they hit the market leaders are willing to invest in tape storage to protect their most sensitive data.
USBs, among the cheapest mediums for data, are sometimes used to ferry data between an air-gapped network and one connected to the internet, but this comes with its own severe risks. It was via USB that the infamous Stuxnet worm infected air-gapped Iranian nuclear infrastructure, allegedly a result of US-Israeli efforts to circumvent security measures protecting the nation’s uranium-enriching plants from outside attacks.
Who uses air gaps?
Any organization that stores classified information, or which oversees critical national infrastructure (CNI) is a good candidate for using air gaps. The most-targeted industries for cyber attacks all commonly use air gaps including financial institutions, military branches, government administrative departments, and healthcare institutions. For those looking to attack nation-states, there’s no way more effective than shutting down an energy grid or water supply, so air gaps are also an integral layer of defense in cyber warfare.
Lisa D Sparks is an experienced editor and marketing professional with a background in journalism, content marketing, strategic development, project management, and process automation. She writes about semiconductors, data centers, and digital infrastructure for tech publications and is also the founder and editor of Digital Infrastructure News and Trends (DINT) a weekday newsletter at the intersection of tech, race, and gender.