The list was created over the course of 15 years, but the last four of the frameworks emerged last year, proof of an increased interest by threat actors to target isolated systems. Only malware components working together to create an offline, covert communication channel between air-gapped networks and a threat actor were taken into consideration for the study.

Air-gapped networks are meant to protect highly sensitive data, which makes them appealing targets for highly-motivated adversaries, such as nation states, which have the necessary resources to mount attacks against these isolated systems.