Risk Psychology & Cyber-Attack Tactics
Rubens Kim, Stephan Carney, Yvonne Fonken, Soham Hans, Sofia Hirschmann, Stacy Marsella, Peggy Wu, and Nikolos Gurney

TL;DR
This study investigates how cognitive processes influence cyber-attack behaviors, revealing that individual psychological differences significantly predict which attack techniques are used, regardless of expertise or training.
Contribution
It demonstrates that cognitive factors are key predictors of cyber-attack tactics, highlighting the importance of psychology-informed approaches in cybersecurity defense.
Findings
Psychometric scales significantly predicted attack technique use.
Effects varied by specific attack technique.
Expertise and training did not significantly influence technique patterns.
Abstract
We examine whether measured cognitive processes predict cyber-attack behavior. We analyzed data that included psychometric scale responses and labeled attack behaviors from cybersecurity professionals who conducted red-team operations against a simulated enterprise network. We employed multilevel mixed-effects Poisson regression with technique counts nested within participants to test whether cognitive processes predicted technique-specific usage. The scales significantly predicted technique use, but effects varied by technique rather than operating uniformly. Neither expertise level nor experimental treatment condition significantly predicted technique patterns, indicating that cognitive processes may be stronger drivers of technique selection than training or experience. These findings demonstrate that individual cognitive differences shape cyber-attack behavior and support the…
