Design and Validation of a Threat Model Based on Cyber Kill Chain Applied to Human Factors.

This document’s purpose is to study the impact of the cognitive domain in cybersecurity as a field, including its implications in cyberdefense and cyberspace, a domain that has gained traction in the last years due to the growing use of new technologies in everyday life. In addition, the investigation will focus on humans’ cognitive biases, how they influence decision making and how an hypothetical malicious individual could use these intrinsic vulnerabilities of the human mind in their favor to push misinformation campaigns, elaborate social engineering attacks or manipulate other people. Finally, a Cyber Kill Chain will be elaborated with the aim to illustrate the steps that the aforementioned attacker could take in order to achieve their goals successfully. The designed methodology will also be tested in a real-life scenario and will be validated by experts in the fields of cybersecurity and psychology.