The Cyber Security Head Game – Psychology Today

The Cyber Security Head Game – Psychology Today

The question is not whether you’ll change; you will. Research clearly shows that everyone’s personality traits shift over the years, often for the better. But who we end up becoming and how much we like that person are more in our control than we tend to think they are.
Icon Check Circle Gray Verified by Psychology Today
Posted September 12, 2022 | Reviewed by Abigail Fagan
Recently, the cyber arm of Homeland Security, CISA, announced a new, North Korean sponsored ransomware attack on health care systems, and the Center for Strategic and International Studies just listed 89 major international cyberattacks in 2022 alone, including a recent China-sponsored compromise of vital telecommunication systems.
As if these incidents weren’t sobering enough, CISA also warned that Russia, in retaliation for US support of Ukraine, could compromise vital US infrastructure such as mobile networks, banks, power and energy systems, in the same way Russian hackers took down the Colonial Pipeline system last year, causing severe fuel shortages.
In sum, we find ourselves in a never-ending, low-level global cyber conflict that threatens to erupt into a major cyber war at any time… and we are not winning that conflict.
As the former CTO of the US Intelligence Community and current Chairman of the Board of the US Technology Leadership Council, I can say with confidence that the problem isn’t our technology. We invented the internet and still have the deepest technical resources of any country in the world, so our cyber defenses, including access controls, anti-malware, firewalls, secure computing platforms, intrusion/data loss detection systems and AI cyber defense systems are second to none. But, as the gloomy statistics show, having an impressive array of cyber defense weapons hasn’t been enough.
General George S. Patton, way back in World War II, was eerily prescient about our current difficulties when he observed. To win battles you do not beat weapons—you beat the [soul] of the enemy man.
What Patton meant was that war is more a test of wills than a battle of weapons, so, without the right mindset, an impressive arsenal of weapons won’t save you.
Another famous General, Sun Tsu, suggested one way out of our difficulties when he observed “All war is deception.” If you’re not a student of war, an intuitive way to understand the role of deception in conflict is to observe the successful camouflage (becoming invisible) and mimicry (looking like a scarier animal than you are) of prey animals, shown in these photos.
Just as the predators of the fish below are never going to go away (which is why this fish camoflages itself and sports huge fake eyes to scare predators), cyber predators also will never go away.
And the best of these cyber predators will continue to penetrate even the strongest defenses, because the exponential increase in IT system complexity, which makes it increasingly difficult to even understand the full extent of what you’re defending, favors cyber attackers over cyber defenders. So we need to assume that some hackers will inevitably get inside our networks and thus we must adopt strategies of deception, similar to those employed successfully by our fish here, to lessen the harm from competent hackers, who manage to get up close and personal.
We also need to create doubt in hackers’ minds, about the benefits of attacking us in the first place, in the same way that the poisonous Cane toad avoids attacks from predators who know the toad’s skin has lethal poison glands, and milk snakes, who have no poison, but discourage would-be predators by mimicking the coloration of coral snakes, who definitely do have deadly venom.
Here are some examples of cyber deception and deterrence that could reduce, or entirely avoid, damage that hackers who gain access to our networks might create.
Ideas such as these have circulated in the cyber security community for years, and some companies actually offer tools that allow defenders to deceive and track would-be attackers. But corporate and government lawyers and policy overseers, nervous about lawsuits and PR blowback, generally discourage the use of cyber deceit, and are outright allergic to the idea of tracking and attacking those who attack us, because such countermeasures start to look a lot themselves like illegal hacking. Indeed, in cyberspace, unlike the physical world where we are entitled to defend ourselves if assaulted, self-defense (“hacking back” as I’ve suggested) is not currently legal in the US.
In other words, we lack the will to do what nature, in her infinite wisdom, has encouraged grasshoppers, fish, toads, snakes and countless other species to do for millions of years. And because war, as General Patton observed, is fundamentally a test of wills, not weapons, we can expect to lose many important cyber conflicts going forward, because our adversaries, lacking legal or moral constraints, have stronger wills than we do.
Following a “cyber 9-11” where our banks, transportation, communication or health care systems fail, our laws and policies will probably adapt, eventually, to recognize modern realities, and allow us to actively defend ourselves in cyber space.
But until that happens, we will continue to lose cyber wars on the most important battlefield of all: the one inside our heads.
Eric Haseltine, Ph.D., is a neuroscientist and the author of Long Fuse, Big Bang.
Get the help you need from a therapist near you–a FREE service from Psychology Today.
Psychology Today © 2022 Sussex Publishers, LLC
The question is not whether you’ll change; you will. Research clearly shows that everyone’s personality traits shift over the years, often for the better. But who we end up becoming and how much we like that person are more in our control than we tend to think they are.


Leave a Comment

Leave a Reply

Your email address will not be published.

Phonies, Phishing, & Functionaries: Risks In Buying And Selling NFTs – Fin Tech – United States – Mondaq

POWER PLAYERS Cyber Security & Data Privacy 2022 – Distinguished Advisers — Financier Worldwide – Financier Worldwide

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure | CISA – US-CERT

Amazon Web Services' cybersecurity chief Steve Schmidt lays out his outlook for the rest of 2022 – CNBC