Bridgeware: the air-gap malware Academic Article uri icon

abstract

  • Many organizations store and process sensitive information within their computer networks. Naturally, such networks are the preferred targets of adversaries due to the valuable information they hold. Securing computer networks is a complex task involving the installation of endpoint protection, maintaining firewalls, configuring intrusion detection and intrusion prevention systems (IDSs and IPSs), and so on. However, regardless of the level of protection, a persistent attacker will eventually find a way to breach a computer network connected to the Internet. Consequently, if a network stores sensitive or classified information, an 'air-gap' approach is often used to prevent such a breach … Air-gapped networks have no physical or logical connection to public networks (such as, the Internet). Such networks are often used in cases where the information stored in, or generated by, the system is too sensitive to risk data leaks, for example …

publication date

  • January 1, 2018