Why we have biases: the energy-saving brain

SITUATION ASSESSMENT

In October 2023, researchers at the Oxford Internet Institute documented a cognitive overload campaign targeting European voters during regional elections. The operation flooded information channels with over 40,000 contradictory narratives within 72 hours, exploiting a fundamental weakness in human cognition: our brain’s tendency to take mental shortcuts when processing overwhelming information volumes.

This incident illuminates a critical vulnerability that adversarial actors increasingly exploit—our cognitive biases. These mental shortcuts, while evolutionarily advantageous, create predictable attack vectors in modern information environments. Open-source evidence indicates that understanding why these biases exist is essential for developing effective cognitive defense strategies.

THREAT VECTOR: The Energy-Saving Brain

The human brain consumes approximately 20% of our body’s total energy despite representing only 2% of body weight. This metabolic constraint drove evolution to develop cognitive biases—mental shortcuts that reduce processing demands while enabling rapid decision-making in resource-scarce environments.

According to Daniel Kahneman’s dual-process theory (2011), our cognitive architecture operates through two systems: System 1 (fast, automatic, intuitive) and System 2 (slow, deliberate, analytical). System 1 processes information using heuristics and biases to conserve mental energy, while System 2 requires significant cognitive resources for complex analysis.

The operational pattern suggests that cognitive biases served as survival mechanisms in ancestral environments where quick threat assessment meant the difference between life and death.

Modern threat actors weaponize this evolutionary legacy through what RAND Corporation (2016) terms «cognitive hacking»—deliberately triggering System 1 responses to bypass critical thinking. The Center for Strategic and International Studies documented over 200 influence operations between 2019-2023 that specifically targeted common cognitive biases.

Primary Bias Categories Under Attack

Confirmation bias leads individuals to seek information confirming existing beliefs while avoiding contradictory evidence. The availability heuristic causes people to judge probability based on easily recalled examples. Anchoring bias creates excessive reliance on first information encountered when making decisions.

NATO’s Cognitive Warfare Concept (2021) identifies these biases as «critical vulnerabilities in human decision-making systems» that adversaries exploit through targeted disinformation campaigns.

CASE STUDY: Documented Bias Exploitation Operations

Operation 1: Brexit Referendum Influence Campaign

The UK’s Intelligence and Security Committee (2020) documented how foreign actors exploited confirmation bias during the 2016 Brexit referendum. The operation created echo chambers that reinforced pre-existing beliefs about EU membership, using micro-targeting algorithms to deliver bias-confirming content to specific demographic segments.

DFRLab analysis revealed that the campaign generated over 156,000 tweets using 13,000 bot accounts, each designed to trigger specific cognitive biases. Availability heuristic exploitation involved flooding social media with emotionally charged anecdotes about EU immigration policies, making these isolated incidents seem statistically representative.

Operation 2: COVID-19 «Infodemic» Campaigns

Stanford Internet Observatory (2021) traced coordinated inauthentic behavior across 15 countries that weaponized anchoring bias during early COVID-19 vaccine rollouts. The campaigns strategically placed unverified safety concerns as the first information many users encountered about vaccines.

This aligns with documented TTPs for cognitive priming attacks—establishing initial information anchors that influence subsequent decision-making. EU DisinfoLab identified over 4,000 coordinated accounts that specifically targeted healthcare workers and elderly populations using bias-exploitation techniques.

Assessment: Both operations demonstrate systematic understanding of cognitive bias mechanisms, suggesting state-level resources and behavioral psychology expertise.

DETECTION PROTOCOL: Identifying Bias-Exploitation Attacks

A critical indicator is the presence of multiple bias-triggering elements within single information packages. Threat actors rarely target one cognitive bias in isolation, instead deploying combinations that create cascading cognitive effects.

Technical Indicators:

• Temporal clustering: High-volume, coordinated content deployment within narrow time windows
• Emotional amplification: Content designed to trigger strong emotional responses that bypass analytical thinking
• Source obscuration: Information presented without clear attribution or with fabricated credentials
• Echo chamber construction: Algorithmic manipulation creating artificial consensus through repeated exposure
• Complexity reduction: Oversimplified explanations for complex issues that appeal to cognitive shortcuts

Behavioral Signatures:

• Immediate emotional reactions to information without verification
• Selective information seeking that confirms existing beliefs
• Overconfidence in judgments based on limited information
• Resistance to contradictory evidence despite credible sourcing

DEFENSE FRAMEWORK: Multi-Level Cognitive Resilience

Effective defense against bias-exploitation requires understanding that cognitive biases cannot be eliminated—they are hardwired survival mechanisms. Instead, defensive strategies must work with cognitive architecture while building systematic safeguards.

Individual Level Countermeasures:

1. Implement verification protocols: Establish personal rules requiring source verification before sharing information
2. Practice cognitive debiasing: Actively seek contradictory evidence when forming judgments on important issues
3. Create decision delays: Institute mandatory waiting periods before acting on emotionally charged information
4. Diversify information sources: Deliberately consume content from ideologically diverse outlets and fact-checking organizations
5. Monitor emotional responses: Recognize strong emotional reactions as potential indicators of bias manipulation

Organizational Defense Measures:

The Carnegie Endowment for International Peace (2022) recommends implementing structured analytical techniques that institutionalize bias awareness. These include red team analysis, alternative hypothesis testing, and systematic consideration of contradictory evidence.

Organizations should establish information verification workflows that require multiple source confirmation before policy decisions. The Atlantic Council’s Digital Forensic Research Lab provides templates for institutional cognitive security protocols.

Systemic Level Interventions:

Platform design modifications can reduce bias exploitation vectors. Research by MIT’s Center for Collective Intelligence (2023) demonstrates that friction-based interventions—requiring users to pause before sharing—significantly reduce the spread of bias-confirming misinformation.

The operational evidence suggests that understanding cognitive biases as evolutionary adaptations, rather than flaws, enables more effective defense strategies that work with human psychology rather than against it.

ASSESSMENT: Key Intelligence

• Cognitive biases represent evolutionary advantages that become vulnerabilities in modern information environments where survival depends on accurate assessment rather than rapid response
• Adversarial actors demonstrate sophisticated understanding of bias mechanisms and deploy coordinated campaigns targeting multiple cognitive shortcuts simultaneously
• Detection requires recognition of bias-clustering patterns rather than focusing on individual instances of potentially misleading information
• Effective defense balances cognitive efficiency with verification protocols, acknowledging that complete bias elimination is neither possible nor desirable
• Institutional safeguards prove more effective than individual awareness in countering systematic bias exploitation at scale

Forward-looking assessment: As artificial intelligence capabilities advance, expect increasingly sophisticated bias-exploitation campaigns that combine behavioral psychology insights with personalized targeting. The cognitive security domain will require continued evolution of defensive methodologies that account for both human psychological architecture and technological threat vectors.

REFERENCES

Oxford Internet Institute (2023), «European Electoral Manipulation Assessment»;

Kahneman, D. (2011), «Thinking, Fast and Slow«;

RAND Corporation (2016), «The Russian Firehose of Falsehood»;

NATO Strategic Communications Centre of Excellence (2021), «Cognitive Warfare Concept«;

UK Intelligence and Security Committee (2020), «Russia Report«;

Stanford Internet Observatory (2021), «COVID-19 Infodemic Analysis»;

Carnegie Endowment for International Peace (2022), «Cognitive Security Framework»;

MIT Center for Collective Intelligence (2023), «Platform Friction Study»