Does Your Threat Model Consider Country and Culture? A Case Study of Brazilian Internet Banking Security to Show That It Should

Explore a thought-provoking conference talk that challenges conventional threat modeling approaches by examining the unique cybersecurity landscape of Brazilian internet banking. Delve into a case study spanning 7 years and over 40,000 malware samples to understand how regional factors, cultural nuances, and technological infrastructure significantly influence the development and targeting of cyber threats. Learn why global threat models may fall short in addressing localized risks, and discover how Brazil's distinct internet banking ecosystem has shaped novel attack vectors, from early phishing attempts to Java-based malware and WhatsApp-powered transactions. Gain valuable insights into the importance of considering country-specific and cultural contexts when developing comprehensive threat models and security evaluations.