Risk Psychology and Cyber Attack Tactics

Abstract

Cybersecurity breaches are increasing in frequency and complexity, emphasizing the need to comprehend technical vulnerabilities and attacker behavior. This study examines the impact of individual cognitive traits and experimental framing on the selection of cyber techniques in a controlled virtual environment. Drawing on data from two treatment conditions (ADMC vs. control), we examined behavioral outcomes in 64 participants using psychometric assessments, skill-based performance metrics, and in-scenario technique choices mapped to the MITRE ATT&CK framework. We used both multinomial logistic regression and UCLA-style binary logistic models to test whether individual differences—such as open-mindedness (GRIPS), cognitive reflection (CRT), and resistance to framing (ADMC_RC2)—as well as treatment group, predicted the likelihood of choosing specific reconnaissance and attack techniques. In these models, Initial Access was used as the base technique for comparison. While multinomial models provided insights into relative strategy preferences across multiple categories, the binary UCLA models revealed more detailed effects of individual traits on the likelihood of choosing key techniques such as Lateral Movement or Collection. Preliminary results indicate that individual predictors are overall weak, but early trends suggest that framing conditions may interact with trait profiles to influence technique diversity and decision-making. These findings contribute to the growing intersection of cybersecurity and behavioral science, with implications for attacker modeling, adaptive defense, and mitigating cognitive vulnerability.

Keywords: Cybersecurity, Cognitive Biases, Decision Making

DOI: 10.54941/ahfe1007049