A Threat Matrix for Socially Motivated Cybercriminals/iPredopaths
A starter framework towards addressing the types of persistent threats which are often incubated within toxic Internet cultures such as Kiwi Farms.
In our increasingly digital world, a new type of socially motivated, highly predatory online actor is emerging—known as "iPredopaths." These individuals excel at psychological manipulation online, surpassing typical cyberbullies and trolls.
iPredopaths employ a mix of advanced tactics to exploit human weaknesses. They operate in a manner that transcends traditional cybersecurity boundaries, affecting not just tech experts but also psychologists, law enforcement, and social workers. The term iPredopath and its associated framework were developed by psychologist Dr. Michael Nuccitelli, whose diagnostic criteria I previously excerpted in this publication to better help my readers understand these actors and their behaviors.
These individuals rely heavily on psychological manipulation, using coercive and deceptive tactics to harm victims. While they can infiltrate online and offline communities to identify or deepen their influence over potential victims, they often sustain primary relationships with one or two social groups that endorse their actions. These can be on forums, social media, or chat platforms like Discord.
The "veil of anonymity" in cyberspace allows these disturbed individuals to find and engage with others who validate their distorted beliefs and fantasies. Their power comes from skillful use of internet features like anonymity for stalking and harassment. In my experience, the most extreme and victim-fixated among them are likely to remain undeterred, even if their true identities are exposed.
For iPredopaths, the internet is more than a tool; it’s a playground that validates their distorted beliefs. They emotionally distance themselves from their actions, allowing them to manipulate victims using personal information acquired through open-source intelligence or social engineering.
Like classic psychopaths, iPredopaths vary in skill, mental health status, intelligence, and victim count. Detecting them is challenging but not impossible. Algorithms, victim reports, and social media metadata can flag potential iPredopath activities.
Technology alone can't fully mitigate these threats. To help with this, I've developed a threat matrix based on my own experiences investigating these actors and working with their victims. This tool is aimed at helping security experts, lawyers, and law enforcement understand and address threats that originate from social groups on forums like Kiwi Farms. These threats can sometimes seem irrational and lead to victims being misunderstood or harmed further when they try to explain their experiences.
Please be forgiving, as this is a first pass, and I’m sure it will evolve over time.
Socially Motivated Actors/iPredopaths
Tactics
Psychological Manipulation: Using a blend of coercive and manipulative tactics to control, influence, or deceive victims.
Social Penetration: Gaining access to social circles either online or offline to find potential victims or to better control existing ones.
Anonymity Utilization: Skillfully using the anonymity provided by the internet to stalk, harass, or deceive.
Techniques
Fantasy Validation: Engaging with communities or individuals who validate their distorted beliefs or fantasies.
Technological Dependency: Reliance on technology to carry out their malicious objectives.
Dissociative Tactics: Employing techniques that allow them to detach from the reality of their actions, further enabling their activities.
Emotional Leverage: Using any gained personal information to attempt to emotionally manipulate their victims.
Procedures
Impersonation: Adopting varied online personas and using VPNs, voice changers, or other anonymizing tools to disguise their identity and location. Engaging in impersonation of real victims, individuals associated with victims, or their own associates.
Information Harvesting through Social Engineering: Manipulating victims or their associates into revealing personal or sensitive information.
Low-Moderate Skill Disruption: Creating fake social media profiles to stalk, impersonate, or engage with victims. Submitting false reports to harm victims. Toeing the line with regard to a company’s Terms of Service. Actively seeking to defeat technical obstacles in the way of stalking their victim(s). Using systems in a manner in which they were not intended in order to engage in negative repercussions towards their victims.
Fantasy Enabling: Engaging in online forums or using social media to find individuals or groups who will validate their distorted fantasies.
Mitigation Data Sources
Online Behavior Analysis: Using algorithms to detect patterns consistent with iPredopath activities.
User Reporting: Encouraging and facilitating reports from potential victims or witnesses, and acting on them.
Application Metadata: Using data analytics to identify suspicious patterns pointing towards extensive patterns of abuse.
This threat matrix is a checklist for cybersecurity professionals, as well as a basic multidisciplinary tool that attempts to synthesize technological, psychological, and sociological expertise to describe a new breed of threat actor which is causing widespread harm, yet still suffers from low recognition by those with the resources to investigate and address these harms.
By recognizing the reality of the existence of these actors, we can begin to craft more holistic strategies to combat this insidious and burgeoning form of digital predation which focus the defensive efforts where they matter most: against the sources of the harm to avoid further burdening victims.
This is an evolving framework. If folks are interested in contributing, I'll post it on Github for community updates.