The word "air gapping" refers to a security
procedure implemented to safeguard a computer system against unauthorized
access.
A computer system must be separated from any local area
network or public wireless network in order to be air gapped.
Because of the sensitive information stored therein, the
military, intelligence agencies, financial institutions, and even certain
advocacy organizations air gap some systems.
Air gapping is primarily a security mechanism, but it may
also refer to a data transmission technique from one classified system to
another.
It's often utilized to transport material from the low side
(unclassified machines) to the high side (classified equipment) (classified
machines).
On the low side, data is cut to a CD-ROM and put on the high
side.
Even isolating the system from the rest of the network may
not be enough to keep it safe.
Recent exploits have shown the importance of air gapping in
critical systems.
A hacker claimed lately that he gained access to a flight
control system through the plane's media network.
The Stuxnet virus, which infected Iranian centrifuges, was
delivered through a USB device linked to the machine.
Even if the system's exterior connections keep it safe from
electromagnetic or other electrical attacks, they can't keep the system safe
from internal errors or threats.
The US government created guidelines to aid air gap computer
systems under the National Security Administration's (NSA) TEMPEST program
(Telecommunications Electronics Material Protected from Emanating Spurious
Transmissions).
To avoid intrusion, the guidelines propose keeping the system at a minimum safe distance and enclosing it in a Faraday cage.
