Abstract
The component of culture is rarely incorporated in the study of cybercriminal actors. In this paper, we propose an approach and an initial proof of concept for analyzing human behavior and interaction within cybercriminal groups through the lens of cultural dimensions. We utilize a set of variables which determine characteristics of national and organizational culture to create a “cultural footprint” of threat actors. We conduct thematic analysis across the six dimensions of the Hofstede national culture classification and the eight dimensions of Meyer's classification on leaked internal communications of the ransomware group Conti. We identify high power distance and collectivism as the most prominent dimensions of the group, along with the construct of connectedness. We advocate that systematic cultural analyses of such communications can serve as a practical tool for understanding the structure and modus operandi of cybercrime and cyberwarfare-related groups.
| Original language | English |
|---|---|
| Title of host publication | IEEE European Symposium on Security and Privacy |
| Place of Publication | Venice, Italy |
| Publisher | IEEE |
| Pages | 103-108 |
| Number of pages | 6 |
| ISBN (Electronic) | 979-8-3315-9546-3 |
| ISBN (Print) | 979-8-3315-9547-0 |
| DOIs | |
| Publication status | Published - 1 Sept 2025 |
Keywords
- Culture
- Cultural Dimensions
- Threat Actors
- Ransomware
- Cybercrime
- Conti
