“Air gapping,” or isolating certain systems by keeping them disconnected from the public internet, or any other networks, including your own, has for years been a gold-standard cybersecurity technique.
Air gaps keep cybercriminals away from sensitive data and backups safe from ransomware. They isolate operational technology to ensure that data centers stay up and running no matter what is happening on the networks it houses.
But it’s time for data center cybersecurity managers to take another look at their air gapped systems and the processes they have set up around them. Air gapping on its own isn’t as bulletproof as it once was.
Even completely isolated networks need to have some contact with the outside world from time to time, and researchers at the cybersecurity firm ESET have found a group of hackers working on malware designed to infiltrate air-gapped networks by hitching rides on legitimate files and devices.