Implementing your air gap
YOU’LL NEED THIS
RASPBERRY PI ZERO (optional) USB stick
IN 2019,
$40 million was stolen from one of the world’s biggest cryptocurrency exchanges, Binance. The hackers did this by compromising the API keys and 2FA codes for Binance’s ‘hot’ Bitcoin wallet. The prevailing wisdom is that sensitive information like financial data should be placed on a machine that can’t directly access the internet. This is best done with an ‘air gap’. Keeping a device physically isolated from other networks makes it far less vulnerable.
Of course, there are ways to jump the gap. Someone with physical access to the machine could carry out an ‘Evil Maid’ attack by installing malware on it. Exploits like RAMBO can steal data by monitoring radio signals, like those emitted by memory buses. Still, these are much more difficult to perform than remote hacking.
In this guide, you’ll learn how to choose a device to air gap, as well as how to move sensitive files to it safely, and disable all networking features.
–NATE DRAKE
1CHOOSE YOUR HARDWARE
\If you’ve already decided that you need an air gapped system, then you probably have an idea of the kind of data you want to protect. If this is just information like private keys for a Bitcoin wallet, consider using a single-board computer, like the Pine64 or Raspberry Pi.