How to bridge and secure air gap networks

One of the more interesting security best practices is about to get turned on its head, thanks to some cutting-edge research at a small Israeli think tank and elsewhere. The notion is called an “air gap network” and the idea is to isolate a PC from the big bad Internet and any other communications networks so as to have complete security with the information that resides therein.

Air gaps have been around for many years, and have found their way into military and intensely secure installations as you might imagine. But they aren’t foolproof. Perhaps the biggest known exploit of an air gap network occurred several years ago, when the Stuxnet virus was specifically designed to get inside the Iranian nuclear facility at Natanz. The virus contained specialized code to take over the nuclear centrifuges that were running in the plant and deliberately overspin them and damage the gear. It was accomplished by infecting an Internet-attached PC with malware that was looking for USB thumb drives attached to the infected PCs. Even though the centrifuges were controlled by isolated PCs, the plant’s workers would download files to USB drives from Internet-connected computers and then carry them into the plant’s protected area. Obviously, someone went to great lengths to create Stuxnet – which only worked under these limited circumstances and only could cause harm to a particular Siemens centrifuge controller – but still it is an example of how even the best planned air gaps can have their weaknesses. (Related infographic: How Stuxnet worked)

To read this article in full or to leave a comment, please click here