Cyber-Attack Psychology

We already know that cyber attackers have a methodology. They usually perform variations on the following theme:

  1. Reconnaissance
  2. Penetration
  3. Entrench
  4. Pivot
  5. Disrupt
  6. Counter Defense is mixed in throughout

But it’s also useful to consider their psychology, because it is often different from the thinking used by defenders. When this is true, defenders trying to study and predict attacker behavior are likely to fail. Sun Tzu teaches us that skilled opponents will find ways to get outside the limits of our expectations. They will have tools, resources and motivations that are foreign to most defenders. They will employ stealth and counter-defensive techniques that are designed to avoid and defeat your protections and to prevent you from knowing that an attack is happening. If their payoff is big enough, they may be willing to spend years compromising a target, while most defenders will have moved on to another position or another job during the same time frame. Any tactics or techniques that you consider to be “out of bounds”, they will consider an advantage. They are willing to take full advantage of any weakness you exhibit, including your limited perception of their ability to defeat you.

What They Don’t Teach You in “Thinking Like the Enemy” Classes

[* you should read the entire article linked above, but here are just a few excerpts from it:]

1. The enemy is not homogenous.
2. The enemy will invest much more resources in staging an attack than you think is worth it.
3. The enemy can and will readily exploit the one thing in our society that we think has made us so advanced and civilized: trust.
4. The enemy is very capable of planning and interweaving multiple attacks across multiple channels to get to their target.
5. The enemy probably doesn’t have everything you have but that doesn’t mean that if we don’t have it they don’t either.
6. The enemy will take advantage of your superego.

