6 ways to secure air-gapped computers from data breaches

Air gapping is a technique that dates back to pre-internet computers. Effectively, an air-gapped computer stands alone, with no network connection. By isolating a computer from the internet, it is thought the data contained within the air-gapped computer is 100% safe from hacking.
Understand this…when humans are involved, nothing is 100%. However, does that mean you should reconsider that air-gapped solution for uber-sensitive data? Not necessarily.
Let’s consider a few things.
SEE: Special report: Cyberwar and the future of cybersecurity (free ebook) (TechRepublic)
How an air-gapped machine is breached: The easy methodFirst, I’ll explain the easiest and most common method of breaching an air-gapped computer.
In order to gain access to an air-gapped machine, one would need a human to serve as the intermediary. For instance, gain the trust of an employee, and have them attach USB devices (a Wi-Fi dongle, a flash drive, etc.) and that machine is breached. This method requires a willing subject to do the bidding of those in need of hacking that particular system to exfiltrate the data.
How do you avoid this? Depending upon the nature of the data contained within the air-gapped system, you should only allow certain staff members access to the machine. This might require the machine to be locked away in your data center or in a secured room on the premises. If you don’t have a data center or a dedicated room that can be locked, house the computer in the office of a high-ranking employee.
Ah, but there’s the rub…that employee is still human and, thereby, a weak link in the chain. This is where air gapping shows its glaring problem: accountability. Are your employees trustworthy? Have they been vetted thoroughly enough that you can trust them with that air-gapped machine?
There’s one thing you can do to help prevent this: lock up USB ports. A company called Lindy makes a product called a USB Port Blocker that blocks access to USB ports. If you’re really unsure about those employees, purchase a few of these blockers and insert them into the USB ports of the air-gapped machine. No, it’s not a perfect solution—someone could come along, pull out the USB mouse, and insert the offending tech. And you certainly don’t want to get around this by employing a Bluetooth keyboard/mouse, because Bluetooth signals can be hacked.
How an air-gapped machine is breached: The difficult methodThere have been a number of proof-of-concept attacks on air-gapped computers.
大型互联网公司的网站宕机时而有之,实际上很多高可用性方案本身并不可靠,因为所最终依靠的还是人,快速正确地进行安全事故响应才是根本。

Using an FM receiver, a hacker can tune into the FM signal emitted from the graphics card to spy on what is displayed on the computer display (this is called a TEMPEST attack).Covert acoustical mesh networks are created within a machine by inaudible (to the human ear) sounds. Using built-in microphones and speakers, an attacker can transmit data to a distance of roughly 65 feet.A light attack was highlighted at the 2014 Black Hat Europe conference wherein a hacker could shine a light (visible or infrared) into the room where the air-gapped computer was connected to a multi-function printer scanner (while a scan is in progress) to receive and send attacks.Let’s think about these attacks. The fact that these are all proof-of-concept means they:
are challenging to execute at best;are dependent upon numerous conditions to be in place; andhave been developed by security experts for research purposes only.Most of these air-gapped breaches were pulled off simply to raise security awareness. However, cybercriminals don’t tend to make their work known until it’s too late, which means there could be air-gapped attacks in the works we don’t know about. Even so, the perfect execution involved in such an attack makes them less likely than a simple act of socially engineering a staff member to insert a USB drive into the air-gapped machine. Now for the big question: Is it likely or unlikely that your staff could be conned?
How to secure air-gapped machinesMany users and companies rest easy, assuming their networks and servers are secure. Why? Because they pay staff to ensure that protection.
网络安全宣传动画——地铁机场的无线安全使用
But even the best IT staff can become complacent, miss a configuration option, or be completely unaware of a next-level hack such as these proof-of-concept air-gap hacks. And considering humans are fallible, it is not beyond the realm of possibility that your air-gapped machine is one USB drive from being hacked.
If you’re concerned about the data on your air-gapped machine, I highly recommend that you:
secure that machine either offsite or in a safeguarded room;make sure all cables to the machine are properly shielded (don’t cut corners on cables here);plug unused USB slots with the USB Port Blocker;turn the machine off when it is not in use (and unplug it from power);replace standard drives with SSD; andencrypt your data.Ultimately, air-gapping machines should be considered a viable solution for sensitive data that doesn’t need to be accessed over a network. With a few simple precautions, you can avoid that data getting into the wrong hands.
不过要提升分支机构的信息安全管理水平,统一标准实行基于信息化的远程监控、在线培训和集中管理可大幅降低成本。

猜您喜欢

专家谈航班延误安全事件:空管应提升透明度
网络安全宣传微视频——如何创建复杂且易记的密码
适用于所有行业的HSE在线培训课件
刘涛晒全家福庆结婚9周年一家四口甜笑
SODIMAC FLOORFORCE
信息安全——意识就是力量