Adrian Johnson
TLDR:
– The Intelligence Advanced Research Projects Activity (IARPA) has launched a program called Reimagining Security with Cyberpsychology-Informed Network Defenses (ReSCIND) to combat cyber attacks
– The program aims to exploit cognitive limitations and biases in human decision-making to disrupt cyber attacks, focusing on the attackers’ cognitive weaknesses
The US Government is taking a new approach to combat cyber attacks by using psychology, through a program called Reimagining Security with Cyberpsychology-Informed Network Defenses (ReSCIND). The Intelligence Advanced Research Projects Activity (IARPA) has launched this program to revolutionize cybersecurity defenses by targeting the cognitive weaknesses and biases of cyber attackers.
ReSCIND aims to integrate traditional cybersecurity measures with the emerging field of cyberpsychology to create a new type of cyber defense technology. By focusing on the psychology of cyber attackers, the program aims to penalize attackers with wasted time and effort, delay attacks, and more rapidly expose their identities.
The program has awarded research contracts to several teams, including Charles River Analytics, Inc., GrammaTech, Inc., Peraton Labs, Raytheon Technologies Research Center, and SRI International. There will be four years of test and evaluation work conducted by the University of Maryland Applied Research Laboratory for Intelligence and Security, MIT Lincoln Laboratory, Lawrence Livermore National Laboratory, and MITRE.
ReSCIND’s structure is divided into three phases. In the first 18 months, the program will focus on identifying cognitive vulnerabilities relevant to offensive cyber operators. In the subsequent 15 months, it will research and develop Cyberpsychology-informed Defenses (CyphiDs) to disrupt cyber attack behavior. The final 12 months will concentrate on providing algorithms for automated adaptation of these solutions based on observed behavior.
ReSCIND’s approach is not only about creating new cyber defense technologies but also understanding the psychology behind cyber attacks. By moving away from a purely technical perspective and taking a holistic approach, the program aims to develop more effective strategies to protect against cyber threats.
