|
|
|
|
|
|
by gateorade
1251 days ago
|
|
|
The story about how data had to be manually transferred between the unclassified and classified networks might seem odd to people not used to how this world works, but it's extremely common to this day and absolutely necessary in certain scenarios. If you have a network that must be absolutely secure, both to data extraction and the injection of malicious software, airgapping the network and tightly controlling writable media is the only option. See STUXNET [1]. These days there are some solutions where the high-side and low-side networks are only pseudo airgapped with things like data-diodes or cross-domain guards [2] but these are really only implemented in scenarios where the frequency of high-side to low-side transfers (and vice versa) necessitates it and/or in relatively low-security (but still classified) networks. 1. https://en.wikipedia.org/wiki/Stuxnet
2. https://en.wikipedia.org/wiki/Cross-domain_solution |
|
|