Mental DOS - Mental Malware Defenses Define the Future

“Information Security,” often now known as “Cybersecurity.” is a very new aspect of a very old art. “Cognitive Security” is the term used by the emerging segment of companies and structures developing to address the evolution underway as this new form of attack and defense matures. The tactics, techniques, and procedures (TTPs) of attackers in traditional cyber malware campaigns are now being used by cognitive threat actors in ways that map directly to the experiences of cybersecurity defenders.

On the global and national stage today, threat actors launch cognitive DOS (Denial of Service) campaigns regularly and manage these over time. These campaigns use the neural networks (hardware) and cognitive processes (software) of hosts (people) to run sets of self-reinforcing code. The population of infected hosts is typically divided into three groups which each run resonant sets of code: Pro, Con, and Other.

Individual hosts in target groups run code produced by a campaign. Hosts accept and execute this code to realize cognitive rewards in the form of feelings such as justification, revenge, social cohesion, self satisfaction, and other goals specific to the host. 

In the context of the overarching attack campaign the three sets of cognitive code achieve connected ends. Large amounts of available resources (time, information sharing capacity, information processing capacity) are consumed in a predictable model by all infected hosts in the Pro and Con target groups, while the Other target group becomes less connected to all hosts and less efficient and available for performing nominal functions.

Like any large infected network, once the populations of infected hosts are established operation of the campaign is a matter of modifying code bases and delivering command and control signaling to adjust desired behavior of infected hosts.

The perception that a campaign is in support of one of the target populations running one of the major code bases at the expense of another other major set of hosts is a foundational mechanism of the structure and operation of many of these campaigns. Process prioritization structures of all three sets of hosts are used to provide the cognitive malware more resources and a greater capability to produce desired actions including propagation of code updates to other infected hosts.

Alignment with the primary goals of a campaign is not a requirement for individual artifacts used in the structure or operation of the deployed operational network. Efficacy of achieving operational goals such as maintaining intended levels of total aggregate cognitive activity consumed, total cognitive activity consumed as a share of all aggregate cognitive activity, and advancing strategic narrative threads are primary determinants of individual artifact content. There is no evidence that the primary mission goals of current campaigns align with the goals of individual hosts among Pro target groups.

These campaigns are now operating at repeatable maturity levels, with processes and skills developed and exercised and campaigns operating in full production environments. Defensive measures in most public and private enterprises are either absent or based on best efforts of individuals.

Darwinian forces are going to be driving increased maturity of Cognitive Security defenses as enterprises lose competitive capabilities in their absence.

#unisys #cogsec #dbom