"IARPA's Plan to Hack the Brains of Hackers"
The leading research agency of the Intelligence Community is moving forward with a plan to create new cybersecurity defenses by exploiting the decision-making biases and cognitive weaknesses of would-be hackers. Reimagining Security with Cyberpsychology-Informed Network Defenses (ReSCIND) is a program for which the Intelligence Advanced Research Projects Activity (IARPA) has issued a broad agency announcement soliciting contract bids. The solicitation describes a 45-month, three-phase program with the objective of identifying cognitive vulnerabilities relevant to cyberattackers and cognitive models to predict attacker behavior. The ultimate goal is to develop Adaptive Psychology-informed defenses involving specific defenses based on attacker behavior. Cyberpsychology has developed into the study of human interactions with Internet-connected devices, often focusing on domains in which web-based tools have the potential to impact mental health, such as social media, or also influence decision-making, such as e-commerce. This article continues to discuss the ReSCIND program that looks to exploit psychological biases among hackers for cyber defense.