Build-A-Cyber-Attacker: Simulating Attackers to Reflect Myth and Folklore in Cyber Threat Analysis

Abstract

This practitioner’s working paper explores the application of simulation exercises in cyber threat analysis, finding that the creative integration of conceptual frameworks like folklore and myth in practical instructional assignments and discussions can familiarize students with the influence of myth and folklore in their analysis.  Simulation in this context is concentrated on the process of thinking through a series of events in an exercise, rather than focusing on the outcome.  Prior research on simulation found that students were more likely to complete assignments on time and finish course projects with higher grades when they imagined when and how they would study.  This practitioner’s paper will present a working sample of simulation exercises, including a simulation exercise where graduate intelligence and military students were asked throughout the course to simulate and create the mythos of their own cyber threat attacker group, including their attacker group target portfolio and an outline of how they might respond to threats.  These working exercises suggestively demonstrated the complexities of simulating the cultural and operational challenges of cyber threat attacker groups.  These students had creative freedom to simulate these cyber threat encounters, even without foundational background or expertise in the countries or cultures they simulate.  This exploratory practitioner’s working paper suggests simulation can introduce further dimensionality to cyber threat intelligence analysis.