
Air Gap

By: Claudio Buttice | Reviewed by Margaret Rouse | Last updated: June 9, 2022

What Does Air Gap Mean?

An air gap is a security measure that isolates a digital device or private local area network (LAN) from other devices and networks, including the public internet. An air gap is also known as an air wall and the strategy of using air gaps to protect critical data is also known as security by isolation.

Air gaps are used to protect critical computer systems and the data they store from malware, keyloggers, ransomware and other types of unauthorized access. This strategy seeks to ensure the total isolation of a given system electromagnetically, electronically and physically.

Air gapping also plays an important role in backup and recovery. For example, with 3-2-1 backups, each backup has three copies. While two of the copies can be stored on the same network, the third copy has to be air-gapped and stored in a completely different physical location. This way, even if the network is attacked and the first two copies become compromised, storage administrators can use the air-gapped copy to restore data quickly.


Techopedia Explains Air Gap

Air-gapped systems are computers or networks that typically contain highly sensitive or business-critical data.

Challenges

Air gaps used to be the gold standard for protecting Operational Technology (OT) environments back in the days when OT and information technology (IT) were two different things.

In the past, a lot of traditional electronic equipment like thermostats and home appliances was air-gapped due to its inherent limits rather than for security reasons. However, with the widespread diffusion of wireless components, OT is no longer air-gapped because the technology connects to the internet.

Air Gap Security

To protect critical data, additional security precautions should be taken to support air gaps. This includes disabling USB ports and using a Faraday cage to block wireless transmissions and prevent electromagnetic (EM) leakage.

Today, true isolation also requires the elimination of electromagnetic radiation leaks. This includes blocking FM and cellular frequency signals, blocking thermal and near-field communication (NFC) channels and cloaking LED light pulses.
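
One way to check that the USB restriction described above is holding on a Linux host is to audit kernel log lines for device attach events. This is an added example, not part of the original article; the Linux kernel log format, the allowlist of approved device IDs and the sample log lines are assumptions constructed for illustration.

```python
import re

# Constructed sample kernel log lines (Linux journal style), not from a real host.
SAMPLE_LOG = """\
Jun 09 10:01:12 hmi01 kernel: usb 1-3: new full-speed USB device number 2 using xhci_hcd
Jun 09 10:01:12 hmi01 kernel: usb 1-3: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice=64.00
Jun 09 14:22:40 hmi01 kernel: usb 1-2: new high-speed USB device number 5 using xhci_hcd
Jun 09 14:22:40 hmi01 kernel: usb 1-2: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.00
Jun 09 14:22:40 hmi01 kernel: usb-storage 1-2:1.0: USB Mass Storage device detected
Jun 09 14:22:41 hmi01 kernel: sd 6:0:0:0: [sdb] Attached SCSI removable disk
"""

# Hypothetical allowlist of approved vendor:product IDs (here, one keyboard).
APPROVED = {"046d:c31c"}

FOUND = re.compile(r"usb (?P<port>[\d.-]+): New USB device found, "
                   r"idVendor=(?P<vid>[0-9a-f]{4}), idProduct=(?P<pid>[0-9a-f]{4})")
STORAGE = re.compile(r"usb-storage (?P<port>[\d.-]+):\d+\.\d+: "
                     r"USB Mass Storage device detected")


def audit_usb_events(log_text, approved=APPROVED):
    """Return findings for unapproved devices and any mass-storage attach."""
    findings = []
    last_seen = {}  # USB port path -> "vid:pid" of the most recent device there
    for line in log_text.splitlines():
        m = FOUND.search(line)
        if m:
            dev = f"{m['vid']}:{m['pid']}"
            last_seen[m["port"]] = dev
            if dev not in approved:
                findings.append(("unapproved-device", m["port"], dev))
            continue
        m = STORAGE.search(line)
        if m:
            # Flagged regardless of the allowlist: no removable media is
            # expected on a host whose USB storage is supposed to be disabled.
            dev = last_seen.get(m["port"], "unknown")
            findings.append(("mass-storage", m["port"], dev))
    return findings


if __name__ == "__main__":
    for kind, port, dev in audit_usb_events(SAMPLE_LOG):
        print(f"{kind}: port {port} device {dev}")
```

Because an air-gapped host cannot forward logs over a network, the findings would have to be reviewed locally or exported through whatever controlled transfer process the site already uses.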

Air Gap Jumps

Despite the high level of security an air gap provides, it's still possible to breach air-gapped computers. While the concept of physical isolation is quite simple, its execution is becoming increasingly difficult.

Air gap attacks are a growing cyberthreat, especially for air-gapped networks cut off from the internet. Security experts have found that cutting-edge acoustic channels employing ultrasonic, inaudible sound waves can be used as an attack vector against smartphones capable of picking up higher frequencies. Data can also be siphoned through radio signals even when Bluetooth is disabled. That is why, in many high-security environments, mobile phones are not allowed in range of the most critical systems.

According to CISA, well-known instances of attackers jumping an air gap include:

2010 - a USB drive was used to infect a nuclear facility, change centrifuge RPMs and edit the control room's human-machine interface (HMI) to indicate the centrifuges were operating normally.

2018 - the U.S. accused Russia of infecting air-gapped electrical grid operations.

2020 - hackers believed to be working on behalf of the Chinese government successfully targeted the air-gapped networks of the Taiwanese and the Philippine military.


Synonyms

Air Wall, Air-Gapping
