“The vast majority of cyber-attacks have everything to do with psychology and very little to do with technology, hence the surge in cyber criminality.”
The Financial Times features a letter from Paladin Managing Director Nazo Moosa, responding to Innovation Editor John Thornhill’s observations on the exponential escalation in cybercrime.
Nazo shares Paladin’s view that cyberattacks are based on “social engineering”, succeeding because they abuse our natural tendency to trust. “We need to factor the human into the equation when developing tech solutions”, she writes. Solutions include those that detect and disrupt false narratives developing online, technologies and applications that actively identify online harms such as cyber fraud.
Professor Mary Aiken, Chief Scientist Safety Tech and Strategic Advisor to the Paladin Capital Group emphasizes the utility of the science of cyberpsychology in the battle against cybercrime and cyber-attacks specifically. In her recent paper, “The Enterprise Strikes Back”, she builds on the work of IARPA’s ReSCIND program (Reimagining Security with Cyberpsychology-Informed Network Defenses) arguing for the development of tech solutions to tech-facilitated harmful and criminal behavior, and makes a case for greater industry-led active cyber defense strategies.
An example would be deploying “cognitive disruptive operations” that respond to a socially engineered attack by using pre-trained large language models to mimic the usual dialogue of the attacker’s target. This response would “waste the attacker’s resources on a decoy and in the long-term exhaust, disrupt, and foil their capabilities.”
Prof. Mary Aiken maintains that it is critical that data, information, systems and networks are protected from cyber-attacks and are robust, resilient and secure. However, it is equally critical that the people who operate and use these systems are psychologically robust, resilient, safe and secure, therefore, appropriate solutions are required.
Paladin Capital Group has invested in cyber tech for nearly two decades. The investment required to address the threat has grown rapidly, tracking the profound digitisation of our lives. We recognised that this demanded a new way of thinking on cyber criminality by factoring in cyber safety solutions, and have supported the UK Government’s safety tech sector initiative and research. Paladin’s 2024 report on the International State of Safety Tech will be published soon.
Only through a combination of cyber safety and cybersecurity can we deliver greater resilience and protection.