Some computers should not be connected to the Internet
Just after the US Presidential election ended, it was revealed that computers at the headquarters of both campaigns had been infiltrated by malicious software planted by an unknown foreign entity. I wrote, at the time, that some computers are too important to be networked.
Recent events make this even truer.
The Wall Street Journal recently reported on its front page (Electricity Grid in U.S. Penetrated By Spies) that:
Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials. The spies ... were believed to be on a mission to navigate the U.S. electrical system and its controls.
Then, there was the spying on the Office of His Holiness the Dalai Lama (OHHDL) as part of the larger hacking enterprise dubbed GhostNet. A report, The snooping dragon: social-malware surveillance of the Tibetan movement, by Shishir Nagaraja and Ross Anderson at the University of Cambridge, documents how the infiltration of OHHDL started with maliciously crafted Word documents attached to scam email messages. The report says:
This worked because the attackers took the trouble to write emails that appeared to come from fellow Tibetans and indeed from co-workers. This combination of well-written malware with well-designed email lures ... is devastatingly effective. Few organisations outside the defence and intelligence sector could withstand such an attack, and although this particular case involved the agents of a major power, the attack could in fact have been mounted by a capable motivated individual ... As social-malware attacks spread, they are bound to target people such as accounts-payable and payroll staff who use computers to make payments. Prevention will be hard.
The message seems clear: computers storing sensitive or business-critical information simply should not be connected to the Internet. The report mentions one case of this.
In view of continuing concerns about industrial espionage, strict separation is indeed practiced in some sectors. We are aware of one company that maintains totally separate networks for design work and external communications; the typical lab has PCs that connect to the CAD/CAM system, and PCs of a different colour that connect to the Internet. Draconian physical and procedural controls try to prevent data leakage from one network to the other.
If your business, or life, can be severely impacted by outsiders having access to the files on a particular computer, you owe it to yourself and/or fellow employees to ratchet up the inconvenience for the sake of security.
A new computer makes a good choice for holding sensitive files as it, most likely, will arrive uninfected with malware. Netbooks may be a good choice because their small size means they can fit in most any safe. On the other hand, their wireless radios will need to be disabled both physically and logically (disable the network connection in Windows).
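The logical half of that step can be audited rather than trusted. The following PowerShell is an added example, not part of the original article: it assumes Windows 8 or later (the built-in NetAdapter module), and the function name `Test-OfflineAdapter` is hypothetical. It reports every adapter that is not disabled and flags radios, which still need the physical step.

```powershell
# Added example: audit (and optionally enforce) the "logically disabled" state
# of the network adapters on a Windows machine that is meant to stay offline.
# Assumes the NetAdapter module (Windows 8 / Server 2012 or later).
function Test-OfflineAdapter {
    [CmdletBinding()]
    param(
        # Disable any adapter that is still enabled (requires an elevated session).
        [switch]$Enforce
    )

    foreach ($nic in Get-NetAdapter) {
        if ($Enforce -and $nic.Status -ne 'Disabled') {
            Disable-NetAdapter -Name $nic.Name -Confirm:$false
            $nic = Get-NetAdapter -Name $nic.Name   # re-read the state after the change
        }

        [pscustomobject]@{
            Name      = $nic.Name
            Device    = $nic.InterfaceDescription
            Media     = $nic.PhysicalMediaType
            # Wi-Fi, Bluetooth and cellular adapters: software disable is not enough.
            IsRadio   = $nic.PhysicalMediaType -match '802\.11|Bluetooth|Wireless'
            Status    = $nic.Status
            # 'Up' and 'Disconnected' both mean the adapter is enabled in Windows.
            Compliant = $nic.Status -eq 'Disabled'
        }
    }
}

$report = @(Test-OfflineAdapter)          # add -Enforce to disable what is found
$report | Format-Table -AutoSize

$enabled = @($report | Where-Object { -not $_.Compliant })
if ($enabled.Count -gt 0) {
    Write-Warning "$($enabled.Count) adapter(s) still enabled: $($enabled.Name -join ', ')"
}

$radios = @($report | Where-Object { $_.IsRadio })
if ($radios.Count -gt 0) {
    Write-Warning "Radio(s) present, disable physically as well: $($radios.Name -join ', ')"
}
```

Run it after every Windows update or driver change, since either can re-enable an adapter or add a new one.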
Or, use a new computer as an Internet communication device and keep existing computers housing sensitive/critical files offline. The danger here is that the sensitive machine may already be infected with malware; many such infections are not obvious, and no one anti-malware program catches everything.
Computers connected to the Internet face constant danger, and the bad guys have a huge advantage: they only need the good guys to make one mistake. Even computers that are well defended can still have a fatal flaw.
For example, it's very hard to keep up to date on patches for all the installed software. And, even if all patches are applied immediately, there are, at times, known software bugs without patches, leaving a period of vulnerability. Not to mention the time between when a security vulnerability is first discovered and when the general public hears about it, a time during which you can't avoid using the buggy software.
Then too, there's always human error.
All this argues in favor of keeping sensitive files offline. The Internet is a dangerous game and one that some computers shouldn't be playing.

