Air-gapping important computers and data is a security idea that has run its course and urgently needs to be replaced with something better.
That’s according to the US Defense Advanced Research Projects Agency (DARPA), which armed with up to $1.5 billion of funding has started canvassing for better ideas through a program appropriately called the Guaranteed Architecture for Physical Security (GAPS).
As DARPA’s briefing points out, air gapping is conceptually simple but has a fundamental problem – getting it to work comes at a heavy cost:
Keeping a system completely disconnected from all means of information transfer is an unrealistic security tactic. Modern computing systems must be able to communicate with other systems, including those with different security requirements.
In other words, for today’s computers to do useful work, they need to be connected to other computers in some way, the very thing that renders air gapping or data isolation insecure. Adding special protocols to compensate for this ends up making life expensive and difficult.
Interfaces to such air-gapped systems are typically added in after the fact and are exceedingly complex, placing undue burden on systems operators as they implement or manage them.
This isn’t just about physical air gaps but isolation of all kinds, for example keeping data in secure, encrypted enclaves so it can’t be exfiltrated on the quiet.
DARPA’s job is to come up with viable solutions and on that front there appears to be no lack of ambition.
Although still very high-level in nature, what DARPA seems to be asking clever engineers to invent is close to an entirely new security architecture for connecting systems together while moving data between them.
This will be defined by:
- New hardware components and interfaces capable of isolating data during communication.
- New software tools integrating this without reinventing current development platforms.
- Validating that what they come up with works when used by “exemplar” Department of Defense (DoD) systems.
Commercializing the resulting technologies is also an objective of the program. The verifiable security properties created under GAPS may also help create safer commercial systems that could be used for preserving proprietary information and protecting consumer privacy.
Then again, commercializing whatever GAPS turns into could turn the technologies that emerge into something anyone can buy.
With five years to come up with something, DARPA held a proposer’s day on 23 January – the upshot of which has yet to be made public.
GAPS is a huge undertaking, tinged with the irony that the very thing that causes so many problems on physical air-gapped networks is the way computers are connected to one another via global internet protocols – famously a DARPA invention.
And then there’s the fact that one of the spectacular demonstrations of how to beat a physical air gap is widely believed to have been carried out by the US’s own National Security Agency (NSA) during its campaign to sneak Stuxnet into Iran’s Natanz nuclear installation in 2010.
In recent years, researchers have come up with a wide range of increasingly ingenious suggestions as to how air gaps might be defeated by a determined hacker.
In addition to obvious methods such as infected USB sticks, these include using speakers as ultrasonic transceivers, hijacking LED-equipped surveillance cameras for command and control, and perhaps even utilising fan noise for data transfer.
Most of these are complex and far from easy to pull off. If air-gapping security is really on its way out, expect its demise to be a very long goodbye.
11 comments on “What comes after air gaps? DARPA asks world for ideas”
I wonder what they expect to uncover. There will always be a balancing act between security and usability.
Whenever this comes up (and it does come up from time to time), I’m always reminded of the opening credit sequence of Get Smart where the lead spy walks through a series of “security doors” that look like they could be blown over by the big, bad wolf, and ultimately gets dropped through a trap door inside a suspiciously-located telephone booth.
Isn’t that what blockchain is designed to do?
How about the air gapped systems put all their data into a Job system that then goes off the closed network, to a network with the internet or other intranet then sends and request data. While the data is on this Job system it is analyzed (both request and receipt) Basically the worlds slowest webfilter/IDS/firewall. So that there is no live connection for the closed network ever. I’ll take my DARPA prize in Pizza in Beer please.
I was just gonna suggest “turn it off,” but I think you win @Mahhn.
Can I borrow a beer?
better than borrow, you can have beers and pizza with me, I’m not greedy 🙂
It’s a deal, see you there!
Interdimensional gapping using the quantum what ever it does thing lol
Hello , I’m very out dated on new systems so this may not work or even be doable . Take your systems and partition one of the hard drives with the startup code for the classified data plus having a zip drive with the actual program that you have to plug in each and every time you use it . Control the number of zip drives and to be secured any time they are not being used . Network all the in house computers so they don’t use the web just to co work together in the same building and use extremely complex passwords on the main access from the internet plus complex user passwords on each system and computer . Sorry if I wasted your time if this is a bad ideal , just trying to help and on things I really know I can have very good outside the box ideals . Thanks have a productive and safe day .
Unfortunately, internet access is now a requirement, not an option. There is so much data available, and so much new information being created, that it is virtually impossible to realistically set up an isolated system for real work. Stuxnet was implemented on Air-gapped computers by flash drives that were brought into the system to import outside data. Also, there have been really bizarre ways developed to pull data from and insert data into air-gapped computers. Built-in audio hardware can be used with audio frequencies not heard by the human ear to transmit and receive data. Images on computer screens can be recreated with thermal imaging or other electromagnetic emissions. Keyboard presses can be measured by variations in voltage or even fan speed, which reflects voltage variations.
Just modularize the transaction as a task that opens and coses the network route for each transaction. Submit Request > Open Route > Perform transaction > Verify receipt > Close route.
Lots of specialized hardware and network infrastructure. Hermetically sealed terminals, that can transmit atoms of data only if network authorizes on checksum and identity verification of sender receiver. Every human interface point surveilled: No screens, but VR headsets that scan irises, covered keyboards that take fingerprints and photograph hands, etc. Malware may check in, but it can’t phone out.