• News
  • Security
  • Products
  • About Seqrite
Seqrite Blog Blog
  • News
  • Security
  • Products
  • About Seqrite
Home  /  Cybersecurity  /  Are air-gapped networks completely secure?
Are air-gapped networks immune to cyberattacks?
17 December 2020

Are air-gapped networks completely secure?

Written by Seqrite
Seqrite
Cybersecurity
Estimated reading time: 2 minutes

An air-gapped network (or system) is isolated from all other networks. This essentially means that the system or the network is physically not connected to any outside network, whether it is the internet or a local area network. The term “air-gapped” is derived from plumbing and refers to the air gap used to maintain water quality.

Coming back to computer networks, air-gapped networks are primarily seen in high-security environments like military and government networks, intelligence systems, nuclear power plants, or avionics. The key motivation behind installing air-gapped networks is the sense of security it provides to the enterprise.

How do air-gapped networks work?

Since air-gapped networks have no network interfaces, they theoretically have no wired or wireless connections to the outside world. Their wireless controllers are disabled which renders the entire network a “closed system”. The only way for data to enter or exit this kind of network is through using physical mediums like USB Drives or CD-ROMs.

Air-gapped networks are generally used to isolate critical infrastructure from the corporate network so that such crucial information is not compromised. These assets are integral to the organization and could cause irrevocable damage if lost. That’s why security administrators prefer to contain such information in air-gapped networks that have no connection with the overall corporate network.

Yet, air-gapped networks may also provide a false sense of security. There is an inherent assumption that, since air-gapped networks do not have any access point, they are completely secure and. Hence, do not need to be examined or assessed from a security standpoint. Unfortunately, that kind of perspective may often lead to security problems.

Are they truly secure?

Firstly, air-gapped networks can still be accessed through physical storage devices. As we have observed, USB devices are commonly used to propagate various types of malware. They can be used for a range of malicious activities such as data exfiltration, installation of malware & keylogging devices, etc.

The biggest example of this kind of malicious activity was the Stuxnet worm. Discovered in 2010, it caused substantial damage to Iran’s nuclear program, causing centrifuges to tear apart. The worm was introduced to the environment through infected USB drives, hence providing a stark reminder that air-gapped networks can be compromised with great effect.

Secondly, even though air-gapped networks are separated from the outside world, they aren’t separated from another key cybersecurity threat: human beings themselves. Social engineering remains a key threat factor and, in this type of situation, the risks are magnified. Insider threats like rogue employees can still be used to access the air-gapped network. Employees with access to specific air-gapped networks might find their removable storage media infected with malware which when inserted into an air-gapped system, could go on to infect the system and the network.

Isolation does not guarantee security!

Ultimately, as technology advances, there is no guarantee that mere isolation from an outside network will keep an air-gapped system safe. There have been instances where data exfiltration has happened through other methods also, such as unknown backdoors introduced into software/hardware, FM frequency signals, thermal hacking, or through Near-Field Communication (NFC).

The takeaway is that air-gapped networks don’t need to be completely secure solely based on their isolation. Enterprise networks must also implement cybersecurity measures for these networks with an added emphasis on access controls and removable storage. Organizations can consider Seqrite’s range of network & server security solutions to bolster their air-gapped systems.

 Previous PostCybersecurity in the holiday season: minimizing the risk of cyber...
Next Post  RAT used by Chinese cyberspies infiltrating Indian businesses
Seqrite
About Seqrite

Follow us for the latest updates and insights related to security for enterprise networks. Subscribe to our newsletter to stay...

Articles by Seqrite »

Related Posts

  • How to avoid dual attack and vulnerable files with double extension?

    April 9, 2021
  • Protect enterprise endpoints against their use for illicit activities

    Defend your business systems from being used for illegal purposes

    March 23, 2021
  • New Spear Phishing Campaign using Army Welfare Education Society's Scholarship Form

    New Spear Phishing Campaign using Army Welfare Education Society’s Scholarship form

    March 22, 2021

No Comments

Leave a Reply.Your email address will not be published.

Cancel reply

CAPTCHA Image
Refresh Image

Popular Posts

  • New Spear Phishing Campaign using Army Welfare Education Society’s Scholarship form New Spear Phishing Campaign using Army Welfare Education Society’s Scholarship form March 22, 2021
  • 5 Security measures you should take to protect your organization’s network 5 Security measures you should take to protect your organization’s network August 11, 2017
  • Nation-states shoot from somebody else’s shoulder Nation-states shoot from somebody else’s shoulder March 10, 2021

Featured Authors

  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Viraj Talikotkar
    Viraj Talikotkar

    Viraj is a Lead Technical Writer at Quick Heal Technologies. He is always on...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..

Latest Posts

  • How to avoid dual attack and vulnerable files with double extension?

    How to avoid dual attack and vulnerable files with double extension?

    April 9, 2021
  • Cryptocurrency Malware: Bitcoin Mining threats you need to know about

    Cryptocurrency Malware: Bitcoin Mining threats you need to know about

    April 4, 2021
  • Zloader: Entailing Different Office Files

    Zloader: Entailing Different Office Files

    March 23, 2021

Stay Updated!

Topics

Antivirus For Linux (10) apt (10) Bitcoin (9) BYOD (9) COVID-19 (10) Cyber-attack (31) cyber-attacks (56) cyberattacks (12) Cybersecurity (284) cyber security (26) Cyber threat (29) cyber threats (44) Data (11) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (103) Enterprise security (14) EPS (9) Exploit (12) firewall (11) GDPR (10) IoT (10) malware (59) malware attack (23) malware attacks (12) MDM (25) Network security (18) Patch Management (12) phishing (17) Ransomware (56) ransomware attack (29) ransomware attacks (30) ransomware protection (12) Seqrite (24) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (10)

Products

  • Endpoint Security (EPS)
  • Seqrite Encryption Manager
  • Seqrite Endpoint Security Cloud
  • Cloud Security
  • Seqrite mSuite
  • Seqrite Workspace
  • Unified Threat Management
  • Antivirus for Server
  • Antivirus for Linux

Resources

  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies

About Us

  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom

Archives

  • By Date
  • By Category

© 2020 Quick Heal Technologies Ltd. (Formerly Known as Quick Heal Technologies Pvt. Ltd.) Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.