Covertly Removing Data From Air-Gapped Networks

By Mordechai Guri

Mordechai Guri is Head of R&D at the Ben-Gurion Cyber Security Research Center and co-founder and Chief Scientist at Morphisec Endpoint Security Solutions. He manages academic research in various aspects of cyber-security for the commercial and governmental sectors. His research topics include OS security, advanced malware, Moving Target Defense (MTD), mobile security and embedded systems.

In network security, the term air gap refers to a situation in which a computer network is physically separated from other networks, particularly less secure and public networks such as the internet. Today, air-gapped networks are widely used in military defense systems, critical infrastructure, the financial sector, and other industries.

Air-gap isolation is maintained by enforcing strict organizational policies, which include forbidding external, unsecured devices and media from connecting to the network, and by using advanced intrusion detection and prevention systems to eliminate intentional and accidental security breaches.
