Technavio’s Tech Tuesday: How Air-gapped Computers Can Be Saved From Data Breaches?

We are in a world where along with human-made calamities and natural disasters, data breaches have emerged as a grave threat to be tackled on a regular basis. Typically, it is the internet which is seen as the medium through which hacking and security compromise takes place. Moreover, until recently air-gapped computers were seen as more secure than the others.

If you do not know what exactly an air-gapped device is, then here is a simple definition. An air-gapped computer is neither directly connected to the internet, nor to any other computers which are connected to the internet. This way by isolating the computer from the internet, it is believed that the data stored in the machine is 100% hack-proof. As much as air-gapping sounds as the best technique to overcome data breaches, in reality, the story is quite different.

Can air-gapped computers be hacked?

If experts are to be believed, then any machine which can be accessed by humans have the potential of being hacked. In the case of air-gapped computers, one of the easiest ways in which the machine can be compromised is through USB devices. Moreover, even though many of you might think that this situation can be avoided by limiting access to the air-gapped computer, there are several other methods through which data breach can take place.

The TEMPEST attack is another means through which an air-gapped computer can be hacked. In this method, the hacker makes use of FM receiver to spy on what is displayed on the computer display. The building of covert acoustical mesh networks is yet another way through which air-gapped computers can be hacked.

Ways to secure air-gapped computers

Now that it is clear that air-gapped computers to are equally prone to security threats, several organizations are looking for ways in which they can solidify their security measures. Here are some of the ways through which you can protect the air-gapped machine:

1. Disable USB ports

Every removable USB ports and media slots like CD drives needs to be disabled. By disabling the USB ports, no external media can be attached to the computer and chances of data infiltration can be automatically brought down.

2. Audio of the air-gapped system should be turned off

There is ample evidence that data can be transmitted between computers by using sound sent through built-in microphones and speakers. By creating covert acoustic mesh networks, hackers can pick up information through soundwaves which are inaudible to the human ear. Moreover, even though the hacking technique works up to 65 feet between two machines, it can be easily extended using a mesh network.

The best way to overcome the challenge is by either disabling the audio in all air-gapped systems or employing audio filters to block sound within a specific frequency range. Audio intrusion detection guards are also recommended to analyze and detect suspicious activities.

3. Use of virtual desktop infrastructure

Virtual desktop infrastructure is highly useful in cases where several apps need to be run on the internet. The virtual infrastructure isolates the session from the data center – making it easier for operators to adopt stronger security measures.

Installing TEMPEST-style radio frequency protection and keeping the cell phones away from the desktop are other ways to protect the air-gapped computer.

For more information on data security

Read our latest reports on IT security

You might also be interested in:

Top 20 Vendors in the Global Consumer Endpoint Security Market

The Growing Market for Data Protection as a Service in APAC