Trust Framework on Exploitation of Humans as the Weakest Link in Cybersecurity

Abstract

T he significance of cybersecurity is increasing in our daily digital lives. The reason for this rise is that human interactions take place in computer-mediated environments, or cyberspace, where physical cues from face-to-face interactions are either absent or very minimal. Computer users are becoming increasingly susceptible to cyberattacks as a result of human interactions in cyberspace. Understanding how cybercriminals exploit the human trust, the weakest link in cybersecurity is relevant because cybercriminals focus on attacking the human psychology of trust rather than technical-based controls. To this end, the present paper develops a trust framework on exploitation of humans as the weakest link in cybersecurity. The framework is established by linking the human psychology of trust and techniques used by cybercriminals in deceiving and manipulating users of computer systems. The framework is validated by demonstrating its application using a case study employing real data. Findings show that cybercriminals exploit human trust based on trust development processes and bases of trust, either creating (falsified) expectations or a relationship history to lure the victim in. Furthermore, it is revealed that technical-based controls cannot provide effective safeguards to prevent manipulation of the human psychology of trust.