Air gap
Alternatively called an air wall, air gapping, and disconnected network, an air gap describes a computer with no network interfaces, either wired or wireless. Air gapping is used to secure a computer or network by isolating it from an unsecured network, like the Internet. When a computer is air-gapped, it's easier to control what gets installed because someone would need to have physical access to add software.
Is it possible for a virus to infect an air-gapped system?
Yes. For example, Stuxnet attacked and infected an air-gapped system through a USB (universal serial bus) thumb drive that was connected to a computer on its network.
If an air-gapped computer also had drives, USB ports, Bluetooth, and other ports disabled, it would be almost impossible for a virus or other malware to infect the computer. We say "almost" because scientists have demonstrated more sophisticated methods of attacking an air gap system using acoustic signaling, FM (frequency modulation) signals, NFC (near-field communication), and cellular frequencies. To prevent these types of attacks, an air-gapped computer would require a Faraday cage to block all forms of wireless communication.
Where are air-gapped computers used?
Air-gapped computers are often found in environments working with classified information or that control critical infrastructure. Below are examples.
- Air traffic control systems
- Automotive computer systems
- Avionics or computer systems in planes
- Financial computer systems (e.g., stock exchanges)
- Government systems dealing with classified information
- HVAC (heating, ventilation, and air conditioning) and thermostat systems
- Military systems
- Nuclear power plants
- Oil and gas industrial systems
- Sensitive or life-saving medical equipment
Some systems mentioned above may be remotely monitored or controlled in a controlled network. However, when remote access is granted to an air-gapped system, it's considered a "closed system," not air-gapped.