SUMMER 2025 DIGITAL - Flipbook - Page 23
IT & IT SECURITY
GPSJ
David Trossell
as GoldenDealer and GoldenAce.
The malware is launched as
soon as the USB drive is plugged
into the server that stores the
air-gapped data. It then self-replicates and mixes with other
malware to cause havoc.
Some malware that is used
in this kind of attack copies
documents, images, encryption
keys and OpenVPN configuration
files, as well as other sensitive
data. When the USB drive is
reconnected to an internet-enabled device, it sends the data
to a C2 server. Therefore, WAN
Acceleration is only one part
of the strategy in ensuring that
air-gapped data is safe. Other
measures – including employee
screening – and policies about
USB drive use also need to be
put in place to keep data secure.
Comprehensive strategies
To summarise, cybersecurity strategies should be
comprehensive to prevent any
kind of cyber-security attack from
exploiting any kind of vulnerability.
It’s therefore vital to consider all
possibilities. While air gaps go
some way to protect data, that
data also needs to be securely
replicated and stored elsewhere
so that it can be available – even
if disruption is caused by malware
being launched from a USB drive.
Nevertheless, air-gapped
data needs WAN Acceleration
whenever data needs to be sent
to and recovered from disaster
recovery sites at speed without
being impeded by latency,
packet loss or poor bandwidth
utilisation. This is particularly
crucial in banking and finance,
defence, healthcare and in
other key sectors where data is
of the utmost importance and
sensitivity.
GOVERNMENT AND PUBLIC SECTOR JOURNAL SUMMER 2025