Are ‘air-gapping’ computers the best way to prevent a breach?

local council data breach

Back in the days where data breaches and hacks were a new phenomenon, ‘air-gapping’ was a term which meant that it was nearly impossible for computers to be breached.

Air-gapping is a security measure that isolates a computer away from a network. By doing so, the computer stands alone. The security method was thought to be 100 per cent effective as it allows data contained within the computer to be safe from hacking.

In the growing age of data leaks and hacks, is this the only way we can truly protect ourselves?

Ultimately, an air-gapped computer is physically separated and can’t connect wirelessly or physically with other computers or network devices. But hacking has come a long way, and humans have intervened, and even hacking the safest cyber-security methods may not be impossible.

Easy method of hacking into an air-gapped computer?

Air-gapped computers are apparently becoming easier to hack.

As simple as it sounds, they can be breached by attaching a USB stick into the machine. Of course, as with anything, it can be slightly more complicated than that…

A human could act as an intermediary i.e. gain the trust of an employee and then they could attach the USB stick, which could be in the form of a Wi-Fi dongle or a flash drive. Once the device has entered the machine, it’s effectively breached. This method just requires an employee to make a “rookie error” by allowing a USB device onto the system which can then exfiltrate the data.

A simple solution to this would be to limit access to the machine. Depending on how sensitive the data is, the machine may need to be locked away or secured in a separate room. If a separate room isn’t possible, the computer could be placed in an office of a trusted employee.

There is still a flaw in this technique: the issue comes that humans will interact with the machine. Air-gapping’s main problem is that, once multiple individuals have access to the machine, who becomes accountable in the event of a data breach? It also highlights whether employees are trusted to interact with the machine.

Harder methods of hacking into an air-gapped computer

Aside from hacking into computers using a simple USB stick, air-gapped computers can be hacked using more complex strategies. Research suggests that the following methods have been successful:

  • Using an FM receiver – a hacker can use the FM receiver to tune into the signal and spy on what is displayed on computer screen. Some know this as a TEMPEST attack; I find it easier to remember it as an ‘eavesdropping attack’.
  • Covert acoustical mesh networks which uses built-in microphones and speakers – a hacker could transmit data to a distance of approximately 65 feet using this method.
  • Using a light attack – a hacker could shine an infrared or visible light into the room where the air-gapped computer is connected to a multi-function printer scanner. While the printer or scanner is in use, the hacker can receive and send attacks.

These air-gapped breaches were tried and tested by cyber-security experts to raise awareness. However, they’re probably more air-gapped attacks in the pipeline that cyber-security experts aren’t even aware of.

Air-gapped security methods aren’t 100% fool-proof

Though there are multiple ways to secure air-gapped computers, they aren’t 100% hack-proof. Companies should consider air-gapping machines for sensitive data that doesn’t need a network signal. However, they mustn’t be complacent to think that this method will keep their data safe.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a Callback from our team!

Fill out our quick call back form below and we’ll contact you when you’re ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.