Cultural exploration of attack vector preferences for self-identified attackers

The examination of digital events through the prism of a quantitatively represented cultural framework allows for a new perspective on existing cyber security issues and events. When the cultural framework is applied to a large set of data, simple statistical analysis can be applied, allowing the researchers to quantify, characterize, and model specific aspects of human behavior. One advantage of quantitatively analyzing culture is that quantitative methods limit the ability of the researcher to inject implicit biases. By analyzing a large number of attacks over a 10-year period of time, exploration into patterns that may reflect cultural norms can be undertaken. This study examines a group of self-attributed attackers to determine if the chosen attack vector coincides with specific cultural values. If an attack vector can be viewed as a tool, then different cultures may exhibit preferences for specific tools. The Zone-H data collected from 2005 to 2014 for self-identified attackers in 36 countries were examined along 7 different attack vectors. These data were examined using Hofstede's cultural framework for contextual purposes. The findings showed several attack vectors that associated with unique cultural characteristics, and other attack vectors results were limited to more general characteristics. These findings contribute to the growing body of knowledge that support examination of cyber behaviors in cultural and provide additional insights into cyber actors' online behaviors.