How Hackers Think: A Study of Cybersecurity Experts and Their Mental Models

34 Pages Posted: 18 Sep 2013 Last revised: 25 Apr 2014

See all articles by Timothy Summers

Timothy Summers

Arizona State University

Kalle J. Lyytinen

Case Western Reserve University - Weatherhead School of Management

Tony Lingham

Case Western Reserve University

Eugene A. Pierce

Case Western Reserve University

Date Written: September 20, 2013

Abstract

Hackers account for enormous costs associated with computer intrusion in a world increasingly reliant on computer and Internet-based technologies. Within the hacker community, there are “good” hackers called white hat hackers and “bad” hackers called black hat hackers. Essentially, one identifies ways to protect information systems while the other identifies ways to exploit those information systems. Regardless of what type of hacker a person is, identifying system weaknesses requires logical reasoning and the ability to systematically think through possible actions, alternatives, and potential conclusions. This combination of reasoning and systematic thinking implies the use of mental models. Hacking is a cognitive activity that requires exceptional technical and reasoning abilities. In this domain, a mental model can be thought of as a hacker’s internal representation of the components and operating rules of an extremely complex software and hardware system. Mental models help hackers describe, explain, and predict system attributes and behaviors. The literature is filled with analyses of motives and incentives to engage in hacking but lacks in explaining how hackers actually process knowledge and/or think about systems. It is the intent of this research to address this gap by analyzing how hackers identify and solve problems, make inferences as to reach decisions and implement solutions.

Keywords: Hackers, cybersecurity, expertise, mental models, cognitive framework, cognition, psychology, sociology, problem solving, decision making, patterning

Suggested Citation

Summers, Timothy and Lyytinen, Kalle J. and Lingham, Tony and Pierce, Eugene A., How Hackers Think: A Study of Cybersecurity Experts and Their Mental Models (September 20, 2013). Third Annual International Conference on Engaged Management Scholarship, Atlanta, Georgia. September 19-22, 2013. Paper 3.3, Available at SSRN: https://ssrn.com/abstract=2326634 or http://dx.doi.org/10.2139/ssrn.2326634

Kalle J. Lyytinen

Case Western Reserve University - Weatherhead School of Management ( email )

10900 Euclid Ave.
Cleveland, OH 44106-7235
United States

Tony Lingham

Case Western Reserve University ( email )

10900 Euclid Ave.
Cleveland, OH 44106
United States

Eugene A. Pierce

Case Western Reserve University ( email )

10900 Euclid Ave.
Cleveland, OH 44106
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
2,209
Abstract Views
6,861
Rank
13,994
PlumX Metrics