Hacking has become an integral part of our digital lives, and every organization has experienced its ill effects at some point, regardless of the stature or size. But one common aspect that runs across all organizations that have experienced hacking is that some part of their infrastructure was connected to the Internet. This brings up some important questions — do you need the Internet to hack into a system? If yes, how can you stay offline and protect your data? Can a strategy that is known as air-gapping help?
Let’s start with the first question.
Do you need the Internet to hack?
For the most part, yes!
Though there are many advanced techniques for hacking, such as electromagnetic radiation spying, radio waves, computer heatmaps, and more, most hackers are unaware of them or don’t have the capabilities to pull them off.
Also, these techniques require ideal conditions, and it’s hard for average hackers to replicate them at their will.
In all, you can hack a computer that is not connected to the Internet, but the chances are abysmally low. Also, the efforts and infrastructure to pull off such a hack are enormous, and it won’t be worth it for most hackers unless you have extremely sensitive data that organized hacking cartels or government-backed agencies need. Even in these cases, there is no 100% chance for someone to hack into your system.
Overall, your infrastructure is safe for the most part if it’s not connected to the Internet.
This leads us to the next question. How can you stay offline and protect your data?
The simple answer would be to pull the system off the network and isolate it. But the inconvenience, security aspects, and costs can be enormous.
So, can air-gapping be the ideal solution to protect your data from hackers? Let’s find out.
What is air-gapping?
Air-gapping is the process of isolating a computer from a network or a system. This air-gapped computer is not even connected to other systems that are connected to the Internet, so it’s impossible to access this system through the Internet.
Ideally, these air-gapped systems are used for storing credit/debit card details, military data, control systems for critical infrastructure, and other sensitive information. An air-gapped system is often also physically removed from the other computers in the organization to reduce the chances of a physical break-in.
Note that using just a software firewall to isolate a system is not air-gapping, as these firewalls can be breached through security vulnerabilities, misconfigurations, or both.
To give you an amusing visual idea of how hard it is to actually hack an air-gapped computer, check out this YouTube clip of Tom Cruise hanging from a ceiling and accessing a computer in the iconic “Mission Impossible” movie.
And this may be the easiest way to access an air-gapped device!
Is air-gapping secure?
Air-gapping seems like a secure strategy as it does not interact with other systems. But then, is it truly safe?
Well, first off, note that data is transferred to air-gapped systems through USB or flash drive storage, since the system is not connected to any other system and there is no other way to move confidential data to it.
And this is also its security vulnerability as a malicious piece of code, often called a worm, virus, or Trojan, can be inserted into the air-gapped system through these flash drives.
A good example of this form of attack is a computer worm called Stuxnet that was first introduced to penetrate Iran’s nuclear facilities. In this infrastructure, the centrifuges were kept on air-gapped systems, which were infiltrated by the Stuxnet worm through files on USB drives.
This worm exploits previously unknown Windows vulnerabilities and infects the systems into which it is introduced. At the same time, Stuxnet masks the controllers, and hence, it is difficult to identify Stuxnet’s presence until it’s too late.
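One way to reduce the removable-media risk described above, shown as an added example that is not part of the original article: before a drive is allowed near the air-gapped machine, a transfer station compares its contents with a hash manifest produced on the source system. The manifest format, the function names, and the list of auto-executing file types are assumptions made for this sketch, and the sample files are constructed.

```python
import hashlib
import tempfile
from pathlib import Path

# Assumption: file types that can run code when removable media is browsed or opened.
AUTO_EXEC = {".lnk", ".inf", ".exe", ".dll", ".scr"}

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def audit_media(root, manifest):
    """Compare every file under root with manifest {relative path: sha256}.
    Returns sorted (finding, path) tuples; an empty list means the media matches."""
    root = Path(root)
    findings, seen = [], set()
    for p in root.rglob("*"):
        if not p.is_file():
            continue
        rel = p.relative_to(root).as_posix()
        seen.add(rel)
        if rel not in manifest:
            kind = "unlisted-autoexec" if p.suffix.lower() in AUTO_EXEC else "unlisted"
            findings.append((kind, rel))
        elif sha256_of(p) != manifest[rel]:
            findings.append(("modified", rel))
    findings += [("missing", rel) for rel in manifest if rel not in seen]
    return sorted(findings)

def demo():
    """Constructed sample: manifest made at the source, media altered in transit."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "report.csv").write_text("id,value\n1,42\n")
        (root / "config.xml").write_text("<cfg/>")
        manifest = {f.name: sha256_of(f) for f in root.iterdir()}
        clean = audit_media(root, manifest)
        # Simulate tampering between the source machine and the transfer station.
        (root / "config.xml").write_text("<cfg mode='x'/>")
        (root / "docs.lnk").write_bytes(b"\x00")
        (root / "report.csv").unlink()
        return clean, audit_media(root, manifest)

if __name__ == "__main__":
    print(demo())
```

The manifest only helps if it reaches the transfer station by a path other than the drive being checked, and any non-empty result should block the transfer.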
Radio and mobile signals
Israel has developed a hacking mechanism using radio and mobile signals to steal data remotely from air-gapped and other systems.
It is believed that the NSA uses this method to siphon off data and passwords from remote systems using transceivers (combination of transmitters and receivers), though the exact working remains largely unknown.
No air-gapped system is safe from authorized personnel. This means if an employee who is authorized to use this system decides to compromise it, there’s very little that an organization can do.
Sometimes, employees can also unwittingly delete or even corrupt an air-gapped system, so that’s something to consider as well.
Ultrasonic sound waves
Do you know that two systems can exchange data via ultrasonic waves? Though it may sound ridiculous, it is anything but!
A group of researchers at Israel’s Ben Gurion University found that they can leverage an audio chip feature to reverse the connected speakers and, through it, convert the speakers into listening devices. Though it requires expert knowledge to set up this communication flow, it is not impossible, and can be done within just a few hours!
All of this goes to show that air-gapped systems are a good strategy for storing sensitive data, but they may not be as safe as you think.
Should you consider air-gapping?
From the above discussion, it’s clear that air-gapping is not 100% foolproof but can save your data from most hackers.
In other words, if a government agency or a large hacking cartel wants your data, they can steal from an air-gapped system. But, on the other hand, your data is safe from hackers who want to steal records to sell them on the dark web.
Also, most of the hacking strategies we discussed earlier are those developed by researchers for academic purposes and have not been used in real-world attacks, except for the virus. Further, you need precise conditions for these hacks to work, and it is not always possible to replicate them.
So, should you consider air-gapping? The answer depends on the kind of data you store. If it is credit/debit card details and PII of your customers and employees, air-gapping can protect you greatly from a possible hack. But if you have highly sensitive information such as military secrets, air-gapping alone will not help.
Besides, maintaining an air-gapped system is expensive as you have to protect that device from unauthorized access and implement security measures around it. Further, this is a single point of failure, so you could lose all the data if the system fails due to natural reasons.
Hence, a better approach would be to invest in top-notch security and monitoring systems that can identify vulnerabilities and even automatically plug them before hackers attempt to enter your network. This has to be backed by excellent security policies within the organization that reduce the chances of an attack.