Risk Psychology & Cyber-Attack Tactics
By: Rubens Kim , Stephan Carney , Yvonne Fonken and more
Potential Business Impact:
Finds how minds make hackers choose attacks.
We examine whether measured cognitive processes predict cyber-attack behavior. We analyzed data that included psychometric scale responses and labeled attack behaviors from cybersecurity professionals who conducted red-team operations against a simulated enterprise network. We employed multilevel mixed-effects Poisson regression with technique counts nested within participants to test whether cognitive processes predicted technique-specific usage. The scales significantly predicted technique use, but effects varied by technique rather than operating uniformly. Neither expertise level nor experimental treatment condition significantly predicted technique patterns, indicating that cognitive processes may be stronger drivers of technique selection than training or experience. These findings demonstrate that individual cognitive differences shape cyber-attack behavior and support the development of psychology-informed defense strategies.
Similar Papers
Towards Proactive Defense Against Cyber Cognitive Attacks
Cryptography and Security
Predicts new ways bad guys trick minds.
Evidence of Cognitive Biases in Capture-the-Flag Cybersecurity Competitions
Cryptography and Security
Helps computers learn how hackers think.
Quantifying Loss Aversion in Cyber Adversaries via LLM Analysis
Cryptography and Security
Helps computers spot hacker fears to stop attacks.