Air Gap Computer

Damien
4 min read · Aug 13, 2023


Do you recall those thrilling espionage films where characters use computers completely disconnected from the network? Or perhaps you’ve heard of that journalist who needs to access highly classified documents but requires a computer with no network connectivity.

Photo by Irham Setyaki on Unsplash

An Air Gap Computer is a unique and highly secure computing system designed to operate without any physical or logical connection to external networks or devices. The fundamental principle is to isolate the computer from the outside world, effectively creating a “gap” to prevent unauthorized access and data breaches.

These systems are typically used in environments that deal with highly sensitive information, such as government agencies, military facilities, and research laboratories.

The Isolation:

The primary advantage of an Air Gap Computer lies in its complete isolation, which makes the computer virtually impenetrable to outside intrusions.

  • Protection from Remote Attacks: Air Gap Computers are highly resistant to remote attacks, as there is no direct network connection to exploit.
  • Data Protection: Sensitive data stored on an Air Gap Computer remains inaccessible to external actors, minimizing the risk of data leaks.
  • Prevents Malware Transfer: By limiting physical access to the computer, the risk of malware being transferred to the system is significantly reduced.

But there are also some challenges and limitations.

  • Data Transfer: Transferring data to and from an Air Gap Computer requires manual methods like USB drives, which can be a tedious process.
  • Maintenance: Keeping the system up to date with the latest software and security patches can be challenging due to the lack of online connectivity.

Building an Air Gap Computer with VirtualBox

While creating a true Air Gap Computer with VirtualBox is not feasible due to the inherent nature of virtualization, we can simulate an isolated environment that replicates some features of an Air Gap system.

Step 1: Set up VirtualBox

Install VirtualBox on your host system, and then download a Linux distribution ISO file to create a virtual machine.

https://www.virtualbox.org/

Step 2: Create a Linux Virtual Machine:

Create a new virtual machine in VirtualBox and select the Linux ISO file you downloaded as the boot media. Follow the installation process to set up the virtual machine.

https://tails.net/

Tails is a Debian-based Linux distribution specifically designed with privacy and anonymity in mind. It operates as a live system, meaning it can be booted from a USB drive or DVD without leaving any traces on the host system. Tails routes all internet connections through the Tor network, ensuring that users’ online activities are kept anonymous and private.

But if you’re new to the Linux world and just trying it out before getting more serious, you can also use Ubuntu. You will also find a large community in case of problems.

https://ubuntu.com/

Step 3: Configure Network Settings:

To simulate the air gap environment, we need to disable the virtual machine’s network adapter.

This will prevent the virtual machine from having any network connectivity.

Step 4: Enable Shared Folders:

To transfer files between the host system and the virtual machine, we can use shared folders.

The link below quickly explains how to do this (command line and images):

https://linuxhint.com/virtualbox_shared_folders/

Step 5: Disable Clipboard Sharing:

To ensure complete isolation, disable clipboard sharing between the host and the virtual machine.

Step 6: Keep Virtual Machine Offline:

Ensure that the virtual machine remains offline throughout its use. Avoid enabling the network adapter or connecting any USB devices unless necessary for specific tasks.

While VirtualBox does not provide a true Air Gap Computer, we have successfully simulated an isolated environment that mimics some of the features of an Air Gap system.

Air Gap Computers remain essential tools in the arsenal of cybersecurity professionals, ensuring that critical systems and sensitive data are protected from external threats. By understanding their differences and applying their principles in appropriate scenarios, we can bolster the security of our digital world.

Extra section:

We can take further steps to enhance the isolation and security of the virtual machine. Here are some additional measures to consider:

1. Disable USB Support:

In the VirtualBox settings for the virtual machine, go to the “USB” tab, and uncheck “Enable USB Controller.” This prevents the virtual machine from accessing any USB devices, minimizing potential points of entry for malware or data leaks.

2. Disable Drag and Drop:

In the VirtualBox settings for the virtual machine, go to the “General” tab, and set the “Drag’n’Drop” option to “Disabled.” This prevents any drag-and-drop actions between the host system and the virtual machine.

3. Use Dedicated Hardware:

Consider running the virtual machine on a physically separate and dedicated computer instead of the host system. This approach provides an additional layer of isolation, reducing the risk of potential attacks on the host system affecting the virtual machine.
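The settings from Steps 3 to 6 and the extra section can be checked from the command line instead of by clicking through each tab. The script below is an added example, not part of the original article: it audits the text printed by `VBoxManage showvminfo "<vm>" --machinereadable`, and it assumes the key names shown in the comments match your VirtualBox version. The sample input and the VM name `airgap-lab` are constructed.

```shell
#!/usr/bin/env bash
# Added example: audit the isolation settings from Steps 3-6 and the extra section.
# Input is the text printed by: VBoxManage showvminfo "<vm>" --machinereadable
# Assumption: key names (nicN, clipboard, draganddrop, usb/ehci/xhci,
# SharedFolderNameMachineMappingN) match your VirtualBox version's output.

# Constructed sample, not captured from a real VM.
SAMPLE_VMINFO='name="airgap-lab"
nic1="nat"
nic2="none"
clipboard="bidirectional"
draganddrop="disabled"
usb="on"
ehci="off"
SharedFolderNameMachineMapping1="transfer"
SharedFolderPathMachineMapping1="/home/user/transfer"'

# Reads key="value" lines on stdin and prints one finding per line.
# Returns 1 if any FAIL was found, 0 otherwise (WARN does not fail the audit).
audit_vminfo() {
  awk '
    {
      i = index($0, "="); if (i == 0) next
      key = substr($0, 1, i - 1); val = substr($0, i + 1); gsub(/"/, "", val)
    }
    key ~ /^nic[0-9]+$/ && val != "none" { print "FAIL " key " is attached (" val ")"; bad++ }
    key == "clipboard" && val != "disabled" { print "FAIL clipboard sharing is " val; bad++ }
    key == "draganddrop" && val != "disabled" { print "FAIL drag and drop is " val; bad++ }
    key ~ /^(usb|ehci|xhci)$/ && val != "off" { print "FAIL USB controller " key " is " val; bad++ }
    key ~ /^SharedFolderNameMachineMapping[0-9]+$/ {
      print "WARN shared folder " val " is a host-guest channel; remove it when not transferring"
    }
    END { exit (bad > 0) }
  '
}

# Usage: ./audit.sh "<vm name>"   (audit.sh is a hypothetical script name)
if [ "$#" -gt 0 ]; then
  VBoxManage showvminfo "$1" --machinereadable | audit_vminfo
fi
```

A shared folder is reported as a warning rather than a failure because Step 4 uses it as the transfer path; every other finding means a host-guest or network channel is still open. The command-line equivalent of Step 3 is `VBoxManage modifyvm "<vm>" --nic1 none`, run while the virtual machine is powered off.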
