MoD Targets Human Error in Cyberwar

Psychologists and anthropologists have been enlisted by the Ministry of Defence to help exploit human errors in incoming cyberattacks.

Academics are part of a new government-backed national laboratory for cyberdeception that aims to actively “take the fight to network attackers” rather than rely on passive measures to block incoming digital offensives.

This fresh proactive approach to cyber-defence will focus on using military deception tradecraft in cyberspace to manipulate an enemy — whether a nation state or criminal enterprise — into exposing their identity or sabotaging their own activities.

It marks a departure from sole reliance on passive defences, such as firewalls, which experts no longer believe are sufficient to protect sensitive networks, military platforms and weapons systems. Human cognition will be studied to predict what targets malware will be programmed to seek and how hackers will code their attacks.

This will help experts design ambushes in network defences to deceive malicious software into detonating in specially designed “traps” where its code can be analysed safely without shutting down or scrambling systems.

Darren Lawrence, director of the new laboratory and a senior lecturer in behavioural science at Cranfield University, stressed that cyberdeception has nothing to do with disseminating lies.

It is instead about attempting to “create errors in our attackers’ understanding, which changes their sense-making, and then changes their behaviour and actions”, he told The Times. “Their sense of reality is compromised in our favour as defenders, so we can get them to do things we want.”

The initiative convenes experts from the fields of semiotics, anthropology, experimental psychology and physiology.

Ciaran Martin, head of the national cyber-security centre, an operational division of GCHQ, has warned that it is a matter of “when, not if” UK critical national infrastructure is successfully targeted.

So far the worst attack, the global WannaCry “ransomware” virus that hit the NHS in 2017, was only deemed a Category 2 incident. It shut down 200,000 health service computers and cost the NHS £92 million.

The MoD has tasked the cyber-unit at its Defence Academy in Shrivenham, Oxfordshire, to partner with Cranfield University, which will lead the initiative. A range of other British, American and Australian academic institutions and private sector cyber-defence contractors will participate.

Air Commodore Tim Neal-Hopes, MoD cyber-chief, said: “The UK is attacked through cyberspace on a daily basis. Cyberdeception is a crucial element of cyberdefence.”
