SUMMER 2025 DIGITAL - Flipbook - Page 22
GPSJ
IT & IT SECURITY
When Air-Gaps Need WAN Acceleration
By David Trossell, CEO and CTO of Bridgeworks
The most critical means of maintaining service continuity is to protect an organisation’s backups first, before
anything else. Any failure to recognise that cyber-criminals see backups as the Achilles heel of any large, medium or
small company could lead to a significant amount of downtime and lost, irreplaceable data,
rendering any organisation null and void.
An article in Hacker News,
published on 17th June 2025,
‘Backups Are Under Attack: How
to Protect Your Backups’, writes:
“Ransomware has become a
highly coordinated and pervasive
threat, and traditional defences
are increasingly struggling to
neutralise it.”
“Today’s ransomware attacks
initially target your last line
of defence — your backup
infrastructure. Before locking up
your production environment,
cyber-criminals go after your
backups to cripple your ability to
recover, increasing the odds of a
ransom payout.”
The UK’s National Security
Cyber Centre adds: “Backups
are an essential part of an
organisation’s response and
recovery process. Making regular
backups is the most effective
way to recover from a destructive
ransomware attack, where an
attacker’s aim is to destroy or
erase a victim’s data.”
Early-stage attacks
The Centre says that attacks
on backups and network
infrastructure quite often
occur during the early stages
of a destructive ransomware
attack. To make it impossible to
recover from an attack, cybercriminals delete or destroy data
to increase the threat and the
likelihood of a ransom being
paid out to them. Stored data
that’s connected to a network –
including the public internet or to
the cloud – is therefore potentially
under significant threat from
ransomware actors.
To prevent this from
happening, measures have to be
put in place to make it impossible
for them to attack the data in the
first place. The primary method
of protecting data – whether
it is stored on tape or disk – is
to create one or more airgaps.
They disconnect the data from
any public network, reducing
the likelihood of any threat actor
being able to access, steal,
hold captive or delete the data.
However, data can be stored on
an internal, secured local area
network as part of an air-gapping
strategy.
Nevertheless, there will be
occasions when the data must
be recovered or migrated to
different sites that might be
located thousands of miles away.
This might be to support disaster
recovery, or to simply have
duplicate copies of the data on
other servers in other datacentres
or disaster recovery sites around
the world.
Man with a van
If the data is stored on tape or
disk, transportation could be
done using a man with a van
approach, but that would take
time and the vehicle could end up
being stolen. The most obvious
way to transport data would be
to use a Wide Area Network
(WAN) – including the internet - or
to host it in the cloud.
When data is hosted in the
cloud, it can be accessed
from multiple points if the right
permissions are given to access
it. However, for the most sensitive
data, this approach can be highly
risky. As soon as the data is
connected to a public network, it
becomes a potential target and
vulnerable to attack.
Network latency and packet
loss could also make the task of
transmitting 100 Gb/s of data
difficult to achieve, too. They can
make a network sluggish and
reduce bandwidth utilisation.
SD-WANs and WAN Optimisation
are great technologies, but
they won’t necessarily improve
network and data performance,
because latency can only be
mitigated and not resolved.
Mitigating latency
So how can you mitigate latency?
Well, increasing the bandwidth
of your pipes won’t make much
difference. WAN Optimisation
can’t handle encrypted data,
and in terms of its performance,
it doesn’t live up to what its
vendors claim. SD-WANs also
benefit from a WAN Acceleration
overlay in the pursuit of high
network performance, and faster
data transfer speeds. They, too,
are a great technology, but they
often need a boost.
What organisations need
today is the ability to use artificial
intelligence, machine learning
and data parallelisation to
mitigate latency and packet loss – in other words,
WAN Acceleration. It permits
encrypted data to be sent and
received at a rate that’s up to 200
times faster than standard WAN
connections – including WAN
Optimisation. That not only saves
time and money but also makes
data from backups that is being transferred
from one location to another
harder for cyber-criminals to
divert and to unlock.
This includes encrypted data
that is stored offline on tape and
disk, which may be required
elsewhere temporarily – meaning
that when an airgap has to be
bridged to expedite the data
elsewhere, it has to be done
securely and then, when the
data is at rest, an airgap can be
reinstated by ensuring that data
is disconnected from any public
network.
Airgaps can be attacked
Sead Fadilpašić, writing for
TechRadar, nevertheless
warns that even airgaps can be
attacked. In his October 2024
article, ‘European government
systems hit by air-gap malware
attack’, he points out: “Hackers
have managed to steal sensitive
information from air-gapped
systems belonging to different
European governments on at
least three separate occasions,
experts have warned.”
So, if the data is air-gapped,
how can cyber-criminals still get
access to it to deliver malware?
Well, a threat actor such as
GoldenJackal, which targets
governments in Europe and Asia,
uses infected USB drives to
deliver and launch malware, such