Air Gap


What Does Air Gap Mean?

An air gap is a security measure that isolates a digital device component or private local area network (LAN) from other devices and networks, including the public internet. An air gap is also known as an air wall and the strategy of using air gaps to protect critical data is also known as security by isolation.


Air gaps are used to protect critical computer systems and the data they store from malware, keyloggers, ransomware and other types of unauthorized access. This strategy seeks to ensure the total isolation of a given system electromagnetically, electronically and physically.

Air gapping also plays an important role in backup and recovery. For example, with 3-2-1 backups, each backup has three copies. While two of the copies can be stored on the same network, the third copy has to be air-gapped and stored in a completely different physical location. This way, even if the network is attacked and the first two copies become compromised, storage administrators can use the air-gapped copy to restore data quickly.
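The 3-2-1 rule as described above can be checked mechanically against a backup inventory. The following is an added example, not Techopedia's own code; the inventory format, dataset names and site labels are constructed for illustration, and a copy with no network is assumed to be the air-gapped one.

```python
from collections import defaultdict
from typing import NamedTuple, Optional

class Copy(NamedTuple):
    dataset: str            # what is being backed up
    site: str               # physical location label
    network: Optional[str]  # network the copy is reachable on; None = offline media

# Constructed sample inventory (hypothetical names, not from the page).
INVENTORY = [
    Copy("finance-db", "hq", "prod-lan"),
    Copy("finance-db", "hq", "prod-lan"),
    Copy("finance-db", "vault-east", None),
    Copy("hr-files", "hq", "prod-lan"),
    Copy("hr-files", "hq", "prod-lan"),
    Copy("hr-files", "hq", None),            # offline, but same building
    Copy("scada-cfg", "plant", "ot-lan"),
    Copy("scada-cfg", "dr-site", "ot-lan"),  # offsite, but still networked
    Copy("scada-cfg", "plant", "ot-lan"),
    Copy("wiki", "hq", "prod-lan"),
    Copy("wiki", "vault-east", None),
]

def audit(inventory):
    """Return {dataset: [findings]}; an empty list means the rule is met."""
    by_dataset = defaultdict(list)
    for c in inventory:
        by_dataset[c.dataset].append(c)
    report = {}
    for name, copies in by_dataset.items():
        findings = []
        if len(copies) < 3:
            findings.append(f"only {len(copies)} copies, need 3")
        # Sites that hold a network-reachable copy of this dataset.
        online_sites = {c.site for c in copies if c.network is not None}
        offline = [c for c in copies if c.network is None]
        if not offline:
            findings.append("no air-gapped copy")
        elif all(c.site in online_sites for c in offline):
            findings.append("air-gapped copy shares a site with networked copies")
        report[name] = findings
    return report

if __name__ == "__main__":
    for dataset, findings in audit(INVENTORY).items():
        print(dataset, "OK" if not findings else "; ".join(findings))
```
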

Air gaps also play an important role in confidential computing. Confidential computing is an emerging approach to cybersecurity that runs computational workloads in isolated, hardware-encrypted environments.

Techopedia Explains Air Gap

Air-gapped systems are computers or networks that typically contain highly sensitive or business-critical data.

Challenges

Air gaps used to be the gold standard for protecting Operational Technology (OT) environments back in the days when OT and information technology (IT) were two different things.

In the past, much traditional electronic equipment, such as thermostats and home appliances, was air-gapped because of its inherent limits rather than for security reasons. However, with the widespread diffusion of wireless components, OT is no longer air-gapped because the technology connects to the internet.

Air Gap Security

To protect critical data, additional security precautions should be taken to support air gaps. This includes disabling USB ports and using a Faraday cage to block wireless transmissions and prevent electromagnetic (EM) leakage.

Today, true isolation also requires the elimination of electromagnetic radiation leaks. This includes blocking FM and cellular frequency signals, blocking thermal and near-field communication (NFC) channels and cloaking LED light pulses.

Air Gap Jumps

Despite the high level of security an air gap provides, it's still possible to breach air-gapped computers. While the concept of physical isolation is quite simple, its execution is becoming increasingly difficult.

Air gap attacks are a growing cyberthreat, especially for air-gapped networks cut off from the internet. Security experts have found that cutting-edge acoustic channels employing ultrasonic, inaudible sound waves can be used as an attack vector against smartphones capable of picking up higher frequencies. Data can also be siphoned through radio signals even when Bluetooth is disabled. That is why, in many high-security environments, mobile phones are not allowed in range of the most critical systems.

According to CISA, well-known instances of attackers jumping an air gap include:

2010 – a USB drive was used to infect a nuclear facility, change centrifuge RPMs and edit the control room's human-machine interface (HMI) to indicate the centrifuges were operating normally.

2018 – the U.S. accused Russia of infecting air-gapped electrical grid operations.

2020 – hackers believed to be working on behalf of the Chinese government successfully targeted the air-gapped networks of the Taiwanese and the Philippine military.


Margaret Rouse
Editor

Margaret is an award-winning technical writer, teacher and lecturer. She is known for her ability to explain complex technical concepts in simple terms to business audiences. For twenty years, her definitions of IT terms have been published by Que in an encyclopedia of technology terms and cited in articles appearing in the New York Times, Time magazine, USA Today, ZDNet, and PC and Discovery magazines. Margaret joined the Techopedia team in 2011. Margaret enjoys helping business and IT professionals find a common language. In her work, as she says herself, she builds bridges between these two domains, in this…