Using psychology to bolster cybersecurity

In an article for Communications of the ACM, David Geer explains how the U.S. Defense Department uses cyberpsychology to get into the minds of attackers to better understand how they think and act.

A new cyberpsychology research program, Reimagining Security with Cyberpsychology-Informed Network Defenses (ReSCIND) from the U.S. Defense Department’s Intelligence Advanced Research Projects activity (IARPA, https://bit.ly/3V39fk8), focuses on how cybercriminals act and think.

According to IARPA program manager Kimberly Ferguson-Walter, the ReSCIND program aims to study the cyberpsychology of cybercriminals in order to isolate the weaknesses in how they think to improve cybersecurity. […]

Ferguson-Walter has hypothesized several cognitive biases that could apply to influencing attacker behavior. New defender solutions could use these biases to get an attacker to believe they had achieved a lot of obfuscation inside the network so they will take more chances. That could make it easier for defenders to catch them.