An air-gapped computer is often heralded as an impervious defense to an online attack, but is that really true? Is there some way that a hacker from outside can infiltrate an air-gapped network?

Let's explore some ways that an air-gapped computer can be compromised by an online threat.

What Is an Air-Gapped Computer?

Before we can explore how an air-gapped computer protects you from online threats, we need to understand how you air-gap a PC in the first place.

The term "air-gap" is a fancy way of describing a device that has no internet connectivity. We're not talking about when your broadband goes down; this is about physically disallowing connections from the internet to reach the computer.

Air-gapping a PC sometimes goes a little further than just unplugging its Ethernet cable or disabling its Wi-Fi. This is because you sometimes want some network connectivity so the air-gapped PC can communicate with others in a local network.

In this case, to be truly "air-gapped," the PC, and every PC it's connected to, needs to be disconnected from the internet. When this happens, it creates an air-gapped network, allowing the PCs to talk to one another without exposing themselves online.

It's important to ensure every PC on the network is disconnected from the internet, because hackers can use an internet-connected computer as a staging ground. Once they've infected that, they can then attack other PCs on the local network, even if those devices don't have internet connectivity.

By bringing the PC and all connected devices offline, you put a wall of air between the internet and your system—hence, "air-gapping." This tactic follows the mantra that the best way to protect a system from hackers is to not let it go on the internet in the first place.

As an anti-hacking tactic, air-gapping works very well. By removing the internet connection from a PC, you prevent cybercriminals from getting direct access to it. If a hacker did want to access it directly, they'd have to approach or get close to its physical location.

How Air-Gapped Computers Come Under Online Attack

So, an air-gapped computer cannot come under direct attack from an online agent. This doesn't mean it's completely safe from online attacks, though; it just means the cybercriminal will take an indirect route to get to your air-gapped computer.

Attacking Air-Gapped Computers Using USB Devices

One route a hacker can take is infecting a USB drive.

The idea is that the hacker plants malware onto a USB stick attached to an internet-connected computer. This USB stick is then taken out of the PC and plugged into an air-gapped PC. From here, the virus on the USB stick "crosses the air-gap" and infects the target PC.

It's a little tricky for a hacker to use this method to extract information, as they need to make sure the USB device is plugged into the air-gapped device, then back into the internet-connected device so it can upload the data. However, this method is perfect for an attacker wanting to do damage and nothing more.

Stuxnet used this as its method of attack. Stuxnet was a virus developed jointly by the US and Israel to hinder Iran's nuclear program. It's an interesting case, as it's a perfect example of both compromising an air-gapped system and the future of cyberwarfare.

Stuxnet worked by targeting the uranium centrifuges and instructing them to spin so fast that they tore themselves apart. Meanwhile, the virus would infect the system diagnostics and tell it that everything was fine so as to not alert anyone. One in five of Iran's nuclear centrifuges were destroyed this way.

Of course, Iran's nuclear system was air-gapped to protect it from online threats. To get Stuxnet onto the air-gapped network, the virus developers had it infect a USB stick that was then plugged into the target computer. From here, Stuxnet spread through the internal network and attacked more centrifuges.

Attacking Air-Gapped Computers Using Social Engineering

Air-gapped computers have another flaw: the humans that operate them. A hacker may not be able to directly connect to an air-gapped device, but they can trick or persuade someone into doing their bidding for them. This tactic is called social engineering.

For example, if a hacker knows that a specific employee has access to the air-gapped computer, they may bribe or threaten them into doing what the hacker wants. This could involve copying files off of the server or plugging in a USB stick to perform an attack like the above example.

If a hacker knows the company's infrastructure, they may impersonate a higher-up employee when contacting someone with access to the target computer. They can either hack the manager's account directly or make an email account with a similar address to the company's own.

Using this fake persona, the hacker then sends an email to the employee asking them to access the secure PC. From here, they can get the employee to send over files, delete items, or install rogue software. The employee believes they're just doing as the manager tells them, despite the real manager knowing nothing about it!
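The "similar address" trick described above can be flagged before the message reaches the employee. The following is an added example, not part of the original article: it classifies a bare sender address against the company's domain, and `COMPANY_DOMAIN`, the distance threshold and the substitution table are assumptions chosen for illustration.

```python
# Added example: classify a sender's domain relative to the company's own domain.
# COMPANY_DOMAIN and every address used with it are constructed for illustration.
COMPANY_DOMAIN = "example-corp.com"

# Digits often substituted for letters so a domain looks right at a glance.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def skeleton(domain):
    """Collapse common visual tricks ('rn' for 'm', digits for letters)."""
    return domain.replace("rn", "m").translate(HOMOGLYPHS)


def classify_sender(address, company=COMPANY_DOMAIN, max_dist=2):
    """Return 'internal', 'lookalike' or 'external' for a sender address."""
    domain = address.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    if domain == company or domain.endswith("." + company):
        return "internal"
    if skeleton(domain) == skeleton(company):
        return "lookalike"          # e.g. examp1e-corp.com
    if edit_distance(domain, company) <= max_dist:
        return "lookalike"          # e.g. a dropped, doubled or swapped letter
    if domain.startswith(company + "."):
        return "lookalike"          # company name used as a subdomain label
    return "external"
```

This covers only the look-alike address: a message sent from the manager's genuinely hacked account comes from the real domain and classifies as `internal`.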

Scratching the Surface of Threats to Air-Gapped Computers

We've focused purely on how online threats can still affect an air-gapped computer. But we've yet to scratch the surface of how someone can compromise a PC when they're close by, and the methods they can use are truly staggering.

From listening to the read-write cycles of a hard drive to mapping out keystrokes, there are numerous ways a cybercriminal can hack an offline PC. As such, air-gapping should be one of a few steps towards securing your PC.

Mind the (Air) Gap

Air-gapping is a fantastic way to protect a device from online threats, but it's by no means impervious. Malicious agents can still manipulate the people using those PCs to carry out their bidding.

If you're interested in other ways a hacker can attack an offline device, check out side-channel attacks. They're slightly rarer than USB malware or social engineering, but they still pose a threat to private systems.
