Linguistic analysis as a tool for information security

Abstract

The modern digital space is characterized by unprecedented dynamics and complexity of cyber threats. While at the dawn of the computer age the main risks were associated with technical vulnerabilities in software and hardware, today the threat landscape has undergone a fundamental transformation. There has been a significant shift from attacks targeting only machine systems to hybrid campaigns that exploit the weakest link in the security chain - the human factor. Modern cyber threats, such as spear-phishing, Business Email Compromise (BEC), social engineering, disinformation, and insider threats, are becoming increasingly sophisticated and psychologically manipulative. Their effectiveness is not based on "zero-day vulnerabilities," i.e., unknown vulnerabilities that software developers actually had 0 days to address, as these are only discovered at the moment of attack, but on the ability of attackers to manipulate human emotions, cognitive biases, and social norms using natural language.