L'insulation physicsalso known as network isolation or air gap is a protection technique that involves physically disconnect a system or network from the rest of the infrastructure connected to the Internet or other unsecured networks.
This means that isolated data and systems cannot be directly compromised by cyber attacks or other unsecured sources.
🔹 Air gap principles
- No network connection The isolated computer or network has no direct connection to external networks (neither the Internet nor other potentially vulnerable internal networks).
- Manual data transfer If data needs to be exchanged, this is done via removable media (USB sticks, external hard drives, CD/DVDs, cartridges, etc.) or via strictly controlled procedures.
- Protection against cyber attacks a system air-gapped is very difficult to hack remotelybecause it cannot be reached via the Internet or network connections.
👉 Examples of how air gap is used
- Critical infrastructures These include nuclear power plants, dam management systems and air traffic control.
- Military & Defence Classified systems, strategic military networks.
- Financial institutions servers containing ultra-sensitive data.
- Industry PLCs (SCADA), production systems.
🔹 Limits and risks
- Risk of attack via physical media an attacker can use an infected USB key to compromise the system (example : Stuxneta computer worm that infected Iran's nuclear centrifuges despite an air gap).
- Complexity of implementation This isolation complicates the management of updates and data exchanges.
- Vulnerabilities through hidden channels Some attacks exploit advanced techniques such as electromagnetic waves or acoustic vibrations to extract information from an air-gapped system.
