Despite the importance that human error in the cyber domain has had in recent reports, cyber warfare research to date has largely focused on the effects of cyber attacks on the target computer system. In contrast, there is little empirical work on the role of human operators during cyber breaches. More specifically, there is a need to understand the human-level factors at play when attacks occur. This paper views cyber attacks through the lens of suspicion, a construct that has been used in other contexts, but inadequately defined, in prior research. After defining the construct of suspicion, the authors demonstrate the role that suspicion plays as the conduit between computer operators' normal working behaviors and their ability to alter that behavior to detect and react to cyber attacks. With a focus on the user, rather than the target computer, the authors empirically develop a latent structure for a variety of types of cyber attacks, link that structure to levels of operator suspicion, link suspicion to users' cognitive and emotional states, and develop initial implications for cyber training.