Security News > 2021 > December > How to protect air-gapped networks from malicious frameworks

ESET researchers present their analysis of all malicious frameworks used to attack air-gapped networks known to date.

"Unfortunately, threat groups have managed to find sneaky ways to target these systems. As air-gapping becomes more widespread, and organizations are integrating more innovative ways to protect their systems, cyber-attackers are equally honing their skills to identify new vulnerabilities to exploit," says Alexis Dorais-Joncas, who leads ESET's security intelligence team in Montreal.

"For organizations with critical information systems and/or classified information, the loss of data could be hugely damaging. The potential that these frameworks have is very concerning. Our findings show that all frameworks are designed to perform some form of espionage, and all the frameworks used USB drives as the physical transmission medium to transfer data in and out of the targeted air-gapped networks," explains Dorais-Joncas.

Detection and mitigation methods to protect air-gapped networks against malicious frameworks.

Perform regular analysis of the system - Performing a regular analysis of the air-gapped system to check for malicious frameworks is an important part of security in order to keep data safe.

"Maintaining a fully air-gapped system comes with the benefits of extra protection. But just like all other security mechanisms, air gapping is not a silver bullet and does not prevent malicious actors from preying on outdated systems or poor employee habits," comments Dorais-Joncas.

News URL

https://www.helpnetsecurity.com/2021/12/07/malicious-frameworks-air-gapped-networks/