Once upon a time (I always wanted to start a blog post like that) the air gap was considered a primary defense. If your computer wasn’t connected in any way to the Internet, then it was safe. Safe from viruses, safe from external attackers: the gap between the computer and the Internet protected your computer.
In 2010, that all changed. Stuxnet was a malicious computer virus that installed itself via a USB drive. Even if your computer was not connected to the Internet, it was still vulnerable. In particular, it attacked SCADA systems, but the end result holds true. Any computer/computing device, whether or not it is actively connected to the Internet, is vulnerable.
What does this say to me? It says that we have to be careful of our assumptions. We assumed that because a computer wasn’t on the Internet, it wouldn’t get a virus. My first encounter with a virus was actually transmitted by floppy disk, so the idea of an air gap solving everything came only after the Internet was prevalent.
We forgot what we learned from floppy disks and had to relearn it with USBs.
Going forward, what else can we learn from past events? George Santayana said “Those who cannot remember the past are condemned to repeat it.” We need to learn from history, which is the point of the column “With the Benefit of Hindsight”. If there is a historical event that resonates with you, then consider the event. What did we learn from it, what should we have done differently, and what can we do going forward?
Submit your article to https://dtrap.acm.org/