1、TLP:WHITEBut Mom,I Need To Spend More Time on Social Media!Bridging CTI and Fraud:UnderstandingSocial Media Cyber Threat Landscape and BeyondDaniel Widya Suryanata&Jurgen VisserTLP:WHITETLP:WHITESPEAKERSDaniel Widya SuryanataDaniel has over 7 years of experience in the cybersecurity industry,in whic
2、h he focused on the areas of incident response,security monitoring,and threat intelligence.He is now leading a team of incident responders and CTI analysts.Daniel graduated from Carnegie Mellon University and holds various certifications.Jurgen VisserJurgen(GCTI,CTIA,CRTIA)has 14 years of experience
3、,focused the last few years on Cyber threat intelligence and has published several CTI related articles on Slide 2TLP:WHITEBOTTOM LINE UP FRONT(BLUF)Slide 3WHAT IS THIS ABOUT?Cyber Threat Intelligence covering the fraud domain in South East Asia(Indonesia).CTI CMM:ad-hoc level(CTI level 1)automation
4、 and cross-team collaboration(CTI level 2).CHALLENGESSocial collection is hard and costlySocial Media platform brand protection is limited and challenging to consistently manageTHREAT ACTOR:FRAUDSTERSTHREAT 1:Fake Customer ServiceTHREAT 2:Social Media Comment HijackingTHREAT 3:Google Maps Business F
5、raudTHREAT 4:Google Adwords hijackingTHREAT 5:Fake Job PostingsKEY TAKEAWAY-CTI PROGRAMEstablish a baselineConsistent threat huntingWork with social media platformsSet up takedown functionMonitor new fake accounts proactivelyClose the loopHOW DID WE GET HERE?Bottom up approach for PIRsStakeholder ma
6、nagement with the fraud/brand protection teamTLP:WHITEWhy this talk?Slide 4Key Insight:The“garden”is a open area that cannot be fully controlled,detect early,degrade threat actors efforts early,before an infestation occurs.Detect early,degrade threat actors earlyFighting fraud on the internet is lik