For roughly ten years, attackers maintained a foothold inside a network its operators believed was cut off from the internet, walking in through a vulnerable internet-facing system, compromising the authentication stack, and using it as a tunnel into the supposedly isolated zone. The case, documented by incident-response firm Sygnia and reported by BleepingComputer, is the longest-running public example of a pattern security researchers have been tracking for years: a perimeter labeled "air-gapped" turning out to be neither sealed nor, in any practical sense, isolated.
The intrusion began in 2016 and persisted until discovery in 2026, according to Sygnia's reconstruction. The firm attributes the operation to Velvet Ant, a Chinese state-aligned threat group. The target is described only as a "large organization" running critical infrastructure. No victim is named in the public write-up.
The most important finding is not the duration. It is the route. The attackers did not need a hidden cable into the air-gapped segment. They entered through an internet-facing system on the perimeter, then moved laterally to systems that, by design, had no direct path to the outside. The bridge between the two worlds was the authentication stack, the same identity services the rest of the organization relied on. Whoever controlled the stack could see the administrative activity of the supposedly isolated zone and operate inside it as though they were part of the team.
This collapses a long-standing mental model. An "air gap" is a network-topology label, not a security guarantee. It describes where the cables run. It does not describe trust. When the identity layer is shared across the boundary, or when administrative paths cross the boundary, the gap becomes a corridor rather than a wall. Sygnia's reconstruction of the incident treats the authentication compromise as the operative failure, not the topology itself.
There is prior art. Sygnia and Cisco both publicly warned of Velvet Ant activity in 2024, including a campaign that targeted F5 BIG-IP devices and operated undetected for three years. The 2026 case shows the same operator refining the playbook: target the perimeter, then turn the identity layer into the long-haul path. The decade-long dwell time is the headline number. The structural lesson is older than the campaign.
Three caveats are worth keeping in view. This is a single case study, reconstructed by the incident-response vendor paid to investigate it. The "decade" figure is Sygnia's timeline, not an audited record. And the attribution to Chinese state-aligned actors is the researchers' assessment, based on tooling and tradecraft, not a court finding. None of that erases the architectural point. It just means the case should be read as a working model, not a verdict.
The constructive lesson for defenders is straightforward and not new. Assume the air gap is porous. Harden the internet-facing edge as though it were the only thing standing between the network and a patient adversary. Instrument the identity layer for compromise, not just for login. And segment trust inside the supposedly isolated zone so that administrative visibility into one segment does not translate into control of the rest. "Air-gapped" is a useful layer. It is not a substitute for the other layers it was once thought to make unnecessary.
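Two of those lessons, instrumenting the identity layer and watching trust between segments of the isolated zone, can be turned into a concrete check. The following is an added example, not code from Sygnia's report or from the affected organization: it reads constructed authentication records, maps source and destination addresses to assumed network zones, and flags successful logins that cross the air-gap boundary or that let one administrative account hop between isolated segments. The zone ranges, log format and account naming are assumptions for the example.

```python
import ipaddress

# Assumed zone layout for the example (not from the report): a perimeter range,
# a corporate range, and two segments inside the supposedly air-gapped zone.
ZONES = {
    "perimeter":  ipaddress.ip_network("203.0.113.0/24"),
    "corporate":  ipaddress.ip_network("10.10.0.0/16"),
    "isolated-a": ipaddress.ip_network("10.200.1.0/24"),
    "isolated-b": ipaddress.ip_network("10.200.2.0/24"),
}
ISOLATED = {"isolated-a", "isolated-b"}

def zone_of(ip):
    """Return the assumed zone name for an address, or 'unknown'."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "unknown"

def parse(line):
    """Parse one constructed record: '<ts> auth user=.. src=.. dst=.. result=ok|fail'."""
    ts, _, rest = line.split(" ", 2)
    kv = dict(part.split("=", 1) for part in rest.split())
    return {"ts": ts, "user": kv["user"], "src": kv["src"],
            "dst": kv["dst"], "ok": kv["result"] == "ok"}

def findings(lines, admin_prefix="adm-"):
    """Flag successful logins that cross the air gap or hop between isolated segments."""
    out = []
    for e in map(parse, lines):
        if not e["ok"]:
            continue                      # only successful authentications matter here
        src, dst = zone_of(e["src"]), zone_of(e["dst"])
        if dst in ISOLATED and src not in ISOLATED:
            # The corridor the article describes: outside-to-isolated authentication.
            out.append(("boundary-crossing-auth", e["user"], src, dst))
        elif dst in ISOLATED and src in ISOLATED and src != dst and e["user"].startswith(admin_prefix):
            # Admin visibility in one segment becoming control of another.
            out.append(("cross-segment-admin", e["user"], src, dst))
    return out

# Constructed sample records (not real log data).
SAMPLE = """\
2024-05-01T08:00:01Z auth user=jdoe src=10.10.4.7 dst=10.10.0.5 result=ok
2024-05-01T08:02:10Z auth user=adm-ops src=203.0.113.44 dst=10.200.1.10 result=ok
2024-05-01T08:03:33Z auth user=adm-ops src=10.200.1.10 dst=10.200.2.20 result=ok
2024-05-01T08:04:00Z auth user=svc-hist src=10.200.1.12 dst=10.200.1.10 result=ok
2024-05-01T08:05:00Z auth user=adm-ops src=203.0.113.44 dst=10.200.1.10 result=fail
""".splitlines()

if __name__ == "__main__":
    for f in findings(SAMPLE):
        print(f)
```

In a real deployment the zone table would come from the organization's own address plan and the records from the identity provider's audit log; the logic stays the same.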
What to watch next is whether a named victim, a regulator, or an independent responder corroborates the timeline. Sygnia's write-up dubs the campaign "Operation Highland," but the codename is the firm's, not the industry's. Until another party confirms the decade figure, the structural lesson is what carries.