Cyberattacks have recently affected everything from meat producers to gasoline pipelines, and the potential impact of these online attacks is significant. Now, experts from the U.S. Department of Energy’s Pacific Northwest National Laboratory (PNNL) are developing new cybersecurity technology that’s designed to trick hackers and prevent serious cyberattacks.
Experts designed a new tool called Shadow Figment, which creates a fake online world that mimics the way real online portals would respond to hackers. The system depends on software engineers who work behind the scenes to trick hackers into interacting with imaginary sites so that they can’t harm real targets. This gives time for experts to come in so they can face the threat.
“Our intention is to make interactions seem realistic, so that if someone is interacting with our decoy, we keep them involved, giving our defenders extra time to respond,” said researcher Thomas Edgar.
Electricity grids, pipelines, and water systems are all controlled by intricate online systems. A cyberattack on any one of these systems, which are often controlled by a multitude of devices, could put consumers’ health and safety at serious risk.
With Shadow Figment, the system creates a distraction for the attacker that will interact much in the same way that the intended system is designed to respond. Using machine learning techniques, the software studies the actual system and then comes up with a harmless replica for hackers on-screen; this deceives criminals into thinking they’ve easily gotten into their desired point of attack.
The technology is successful because it tricks the hackers into thinking their maneuvers are successful, which keeps them engaged in the “attack” for longer periods of time. The researchers gave the example of tampering with the temperature in a server room that needs to remain cool to function properly; Shadow Figment will indicate that the temperature in the room has gone up, which would prompt the hacker to continue on with their attack.
The goal is to keep the hackers involved in the fake world so that software engineers can study their behaviors and work to prevent a serious attack. The more time the hacker spends in Shadow Figment, the more time that engineers have to work on the defense.
“We’re buying time so the defenders can take action to stop bad things from happening,” said Edgar. “Even a few minutes is sometimes all you need to stop an attack. But Shadow Figment needs to be one piece of a broader program of cybersecurity defense. There is no one solution that is a magic bullet.”
While there is still a patent pending for Shadow Figment, the technology is designed to benefit and protect everyone.
“The development of Shadow Figment is yet another example of how scientists are focused on protecting the nation’s critical assets and infrastructure,” said researcher Kannan Krishnaswami. “This cybersecurity tool has far-reaching applications in government and private sectors -- from city municipalities, to utilities, to banking institutions, manufacturing, and even health providers.”