The Limitations of Air Gapping in SCADA Systems
Overview
Air gapping is a widely recognized security measure used in Supervisory Control and Data Acquisition (SCADA) systems to prevent unauthorized access from external networks. The principle behind air gapping is to physically isolate critical operational technology (OT) environments from IT networks and the internet, thereby reducing the risk of cyberattacks. However, as this case study illustrates, air gapping does not eliminate cybersecurity risks and can give organizations a false sense of security.
Figure: diagram of a SCADA server separated from the internet by an air gap.
Background
In 2024, a large company, referred to here as “TargetCo,” employed air gapping as the primary security measure for the SCADA systems managing its critical infrastructure. TargetCo believed that separating these systems from the internet and the corporate network made them immune to cybersecurity threats. A subsequent incident, however, revealed several weaknesses inherent in relying solely on air gapping for security.
Incident Description
Despite the air gap, TargetCo's systems were compromised when an insider threat emerged. An employee inadvertently introduced malware into the SCADA environment through a removable USB device that was routinely used to transfer operational data from a network-connected system. The malware was designed to exploit known vulnerabilities in the SCADA software and bypassed the security measures in place. The air gap blocked network-borne attacks, but it did nothing to control the removable media that crossed it as part of normal operations.
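The USB transfer path described above is exactly the kind of air-gap crossing that continuous monitoring should catch. The following Python script is an added example, not code from the case study or from TargetCo: it parses Linux kernel USB log lines from hosts designated as air-gapped, groups the messages for each physical port into one device record, and raises an alert whenever a mass-storage device whose serial number is not on a sanctioned-media allowlist is attached. The log lines, host names, vendor/product IDs, serial numbers and the allowlist are all constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed sample syslog lines (Linux kernel USB messages). They are
# illustrative only, not real logs from the incident described above.
SAMPLE_LOG = """\
Jan 12 09:14:02 scada-hmi-01 kernel: usb 1-1: new high-speed USB device number 4 using xhci_hcd
Jan 12 09:14:02 scada-hmi-01 kernel: usb 1-1: New USB device found, idVendor=0781, idProduct=5583, bcdDevice= 1.00
Jan 12 09:14:02 scada-hmi-01 kernel: usb 1-1: SerialNumber: 4C530001230912345678
Jan 12 09:14:02 scada-hmi-01 kernel: usb-storage 1-1:1.0: USB Mass Storage device detected
Jan 12 10:02:17 scada-eng-02 kernel: usb 2-3: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice=64.00
Jan 12 10:02:17 scada-eng-02 kernel: usb 2-3: Product: USB Keyboard
Jan 12 11:30:45 scada-eng-02 kernel: usb 2-4: New USB device found, idVendor=0951, idProduct=1666, bcdDevice= 1.10
Jan 12 11:30:45 scada-eng-02 kernel: usb 2-4: SerialNumber: APPROVED0001
Jan 12 11:30:45 scada-eng-02 kernel: usb-storage 2-4:1.0: USB Mass Storage device detected
"""

# Hypothetical allowlist: serial numbers of the organisation's sanctioned,
# scanned transfer media. Any other mass-storage device is unapproved.
APPROVED_SERIALS = {"APPROVED0001"}

# Hypothetical set of hosts that are supposed to sit behind the air gap.
AIR_GAPPED_HOSTS = {"scada-hmi-01", "scada-eng-02"}

# Syslog envelope: timestamp, host, "kernel:", message.
LINE_RE = re.compile(r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) kernel: (?P<msg>.*)$")
# Kernel messages we care about; the port (e.g. "1-1") ties them together.
FOUND_RE = re.compile(r"^usb (?P<port>[\d.-]+): New USB device found, idVendor=(?P<vid>[0-9a-f]{4}), idProduct=(?P<pid>[0-9a-f]{4})")
SERIAL_RE = re.compile(r"^usb (?P<port>[\d.-]+): SerialNumber: (?P<serial>\S+)")
STORAGE_RE = re.compile(r"^usb-storage (?P<port>[\d.-]+):\d+\.\d+: USB Mass Storage device detected")


@dataclass
class UsbDevice:
    host: str
    port: str
    first_seen: str
    vid: str = ""
    pid: str = ""
    serial: str = ""
    mass_storage: bool = False


def parse_usb_events(log_text):
    """Group kernel USB messages into one UsbDevice per (host, port)."""
    devices = {}

    def record(host, port, ts):
        # setdefault so a storage or serial line arriving before the
        # "New USB device found" line still creates a record.
        return devices.setdefault((host, port), UsbDevice(host, port, ts))

    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a kernel line in the expected envelope
        ts, host, msg = m.group("ts"), m.group("host"), m.group("msg")
        if (f := FOUND_RE.match(msg)):
            dev = record(host, f.group("port"), ts)
            dev.vid, dev.pid = f.group("vid"), f.group("pid")
        elif (s := SERIAL_RE.match(msg)):
            record(host, s.group("port"), ts).serial = s.group("serial")
        elif (st := STORAGE_RE.match(msg)):
            record(host, st.group("port"), ts).mass_storage = True
    return list(devices.values())


def find_unapproved_media(devices, approved=APPROVED_SERIALS, hosts=AIR_GAPPED_HOSTS):
    """Return alert strings for unapproved mass-storage devices on air-gapped hosts.

    Keyboards and other non-storage devices are ignored; a storage device
    with no serial at all is treated as unapproved rather than skipped.
    """
    alerts = []
    for d in devices:
        if d.host not in hosts or not d.mass_storage:
            continue
        if d.serial not in approved:
            alerts.append(
                f"{d.first_seen} {d.host}: unapproved removable media on port {d.port} "
                f"(vid={d.vid or 'unknown'} pid={d.pid or 'unknown'} serial={d.serial or 'unknown'})"
            )
    return alerts


if __name__ == "__main__":
    for alert in find_unapproved_media(parse_usb_events(SAMPLE_LOG)):
        print("ALERT", alert)
```

On the constructed input the script flags the SanDisk-style device on scada-hmi-01 and stays silent for the keyboard and for the allowlisted transfer drive. In practice this logic would run against forwarded syslog on a monitoring host inside the OT zone, and the allowlist would be paired with a preventive control (udev or USBGuard rules that refuse unlisted mass-storage devices) rather than used for detection alone.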
Six Key Findings
Conclusion
The incident at TargetCo is a cautionary tale that underscores the limitations of air gapping as a standalone security control for SCADA systems. Air gapping reduces the attack surface exposed to network-borne threats, but it does not eliminate risk: removable media, insiders and unpatched software all cross the gap. Organizations must adopt a comprehensive cybersecurity strategy that includes regular threat assessments, insider threat mitigation, robust physical security, control and monitoring of removable media, continuous monitoring, and patch management, alongside air gapping, to protect their critical infrastructure.