How Hackers Think: A Study of Cybersecurity Experts and Their Mental Models
34 Pages Posted: 18 Sep 2013 Last revised: 25 Apr 2014
Date Written: September 20, 2013
Hackers account for enormous costs associated with computer intrusion in a world increasingly reliant on computer and Internet-based technologies. Within the hacker community, there are “good” hackers called white hat hackers and “bad” hackers called black hat hackers. Essentially, one identifies ways to protect information systems while the other identifies ways to exploit those information systems. Regardless of what type of hacker a person is, identifying system weaknesses requires logical reasoning and the ability to systematically think through possible actions, alternatives, and potential conclusions. This combination of reasoning and systematic thinking implies the use of mental models. Hacking is a cognitive activity that requires exceptional technical and reasoning abilities. In this domain, a mental model can be thought of as a hacker’s internal representation of the components and operating rules of an extremely complex software and hardware system. Mental models help hackers describe, explain, and predict system attributes and behaviors. The literature is filled with analyses of motives and incentives to engage in hacking but lacks in explaining how hackers actually process knowledge and/or think about systems. It is the intent of this research to address this gap by analyzing how hackers identify and solve problems, make inferences as to reach decisions and implement solutions.
Keywords: Hackers, cybersecurity, expertise, mental models, cognitive framework, cognition, psychology, sociology, problem solving, decision making, patterning
Suggested Citation: Suggested Citation