https://thehackernews.com/2021/12/researches-detail-17-malicious.html
"Four different malicious frameworks designed to attack air-gapped networks were detected in the first half of 2020 alone, bringing the total number of such toolkits to 17 and offering adversaries a pathway to cyber espionage and exfiltrate classified information."
"Air-gapping is a network security measure designed to prevent unauthorized access to systems by physically isolating them from other unsecured networks, including local area networks and the public internet. This also implies that the only way to transfer data is by connecting a physical device to it, such as USB drives or external hard disks.""Primarily built to attack Windows-based operating systems, the Slovak cybersecurity firm said that no fewer than 75% of all the frameworks were found leveraging malicious LNK or AutoRun files on USB drives to either carry out the initial compromise of the air-gapped system or to move laterally within the air-gapped network."
"As precautions, organizations with critical information systems and sensitive information are recommended to prevent direct email access on connected systems, disable USB ports and sanitize USB drives, restrict file execution on removable drives, and carry out periodic analysis of air-gapped systems for any signs of suspicious activity."
