Adversarial mindset, Critical thinking and Philosophy | 27 Oct 2021


I'm not a full-time philosopher or critical thinking expert. But, being an offensive security specialist, I'm very much interested in this topic, and I would like to share my thoughts on adversarial mindset, philosophy, and critical thinking in the context of cyber security. I will keep updating this page as I learn and understand more.

Let's think about human history! Humanity has witnessed the rise and fall of a thousand kingdoms, along with the struggles, battles and advancements they went through. It is also observable how each generation enhanced its fortresses by applying knowledge gained from previous conflicts and attacks. In pursuit of the ultimate offensive strategy, adversaries devised the next best attack or invasion plans and waged wars. At the same time, new kingdoms and civilizations arose with much better capabilities to defend against adversaries and keep invaders at bay.

History has seen a huge number of these events, such as the rise and fall of empires. The adversarial mindset and its tactics evolved over generations of human history, playing an important role in the progress or downfall of civilizations. We can notice the same repetitions in modern-day warfare as well. But in this blog post, I'm only going to talk about the significance of the adversary mindset in the field of cyber security.


Understanding the Adversarial Mindset.


What is Adversary mindset? OR What is Adversarial mindset?
The adversarial mindset is the ability to think like an actual adversary or attacker. It is all about stepping into the shoes of attackers and malicious threat actors to anticipate their moves, strategies, and tactics.

This approach goes beyond conventional security measures by exploring security weaknesses and vulnerabilities that might be missed most of the time. By adopting the mindset of the enemy, cyber security professionals, red team operators or professional hackers are able to think outside the box, gain deeper insight into potentially vulnerable points and measure the efficacy of existing defense systems.

Being curious and having an adversarial mindset are the key traits of a true hacker!


Let's talk about Hacker Mindset.


Usually, in my training sessions or even in casual discussions, I tell everyone that we can teach you security, but we cannot teach you the hacker mindset - it has to come from within!
Having a hacker mindset is all about curiosity, creativity, and problem-solving. I would say that being curious is the most important thing for developing a true hacker mindset. It involves understanding how systems work, exploring their boundaries, pushing things to the limit, learning new things, teaching others, and identifying weaknesses or glitches.
Having such a mindset is not exactly malicious, but the intent can range from improving security and building or breaking systems to becoming a threat actor. Yes, you read that right. A sharp mindset can lead you down either a good path or an evil path. That’s where we must draw the line.


Red Team and Offensive Security Operations.


In the offensive cyber security industry, having an adversarial mindset is paramount. Professional hackers and penetration testers leverage this perspective to uncover security issues, exploit vulnerabilities, and mimic known attack scenarios. By adopting the mindset of a malicious threat actor, security professionals can uncover security gaps before an actual threat actor or malicious hacker group does.

Similarly, red team operations involve thinking outside the box and simulating real-world threats to assess an organization's defense posture, detection, and response capabilities following the People-Process-Technology format. The adversarial mindset is the key motivator for red team operators performing these exercises. A proper assessment of an organization's cyber defense capabilities enables the cyber security teams and management folks to fine-tune security strategies, prioritize improvements, and develop effective incident response plans.


What is critical thinking?


Richard Paul and Linda Elder define critical thinking in The Foundation for Critical Thinking as follows:

Critical thinking is that mode of thinking - about any subject, content, or problem - in which the thinker improves the quality of his or her thinking by skillfully analyzing, assessing, and reconstructing it.


In layman’s language, critical thinking is the process of actively and objectively analyzing, evaluating, and synthesizing information, arguments, or situations to make decisions or judgments. It offers a proper process and approach to help us to reach logical conclusions.

But how does it help us with cyber security? Whether it's offensive or defensive security, critically examining and questioning security and defense systems, policies, assumptions, potential vulnerabilities, and adversary groups or threat actors enhances the ability to identify and respond proactively to cyber threats and to develop effective defense systems.
I'm not implying that we need to become critical thinking and philosophy experts, but taking some time to explore these concepts through reading or research can enhance the abilities of security professionals and contribute to their professional slash personal growth.


Adversarial Mindset Challenge: Exercise


Red team operations and development is a favorite book of mine, written by Joe Vest and James Tubberville. It is an inspirational, realistic collection of thoughts on adversarial mindset, methodologies and TTPs for red team professionals.
The book has a dedicated exercise section for adversarial mindset challenges. I’m going to include one scenario from the book for you to think critically and come up with a logical answer.

Challenge instructions: Alternative thought processing

Contemplate the following and think of areas in which common misconceptions or bias influence how security is implemented or approached in your organization.
Given the red dots are areas in which combat aircraft are often hit during engagement, what does the following diagram indicate? What would be your recommendations for additional armoring of the aircraft?

Solution: Alternative thought processing

I respect the authors of these challenges and I certainly don't want to reveal the solution here in this blog.
I hope you have figured out the answer to this scenario. Anyway, the solution for this critical thinking scenario is given in the red team operations and development book. It can also be found under the Adversarial Mindset Challenge section on the REDTEAM.GUIDE website hosted by the book authors.


The cover image refers to Theyyam, which is a famous ritual art form that originated in the southern part of India. Image credit goes to unsplash.com.
The mindset challenge image credit belongs to redteam.guide

Last updated on 30 Nov 2024
