Aviva Zacks of Safety Detective caught up with Yongxin Xi, Director of Engineering, Analytics for DataVisor and found out how her company helps companies like Yelp and Pinterest protect themselves from fraud.
Safety Detective: How did you get into cybersecurity and what do you love about it?
Yongxin Xi: My first job in this field was at Yahoo, with the Anti-Spam team. At that time, I felt like I had acquired a solid amount of machine learning knowledge from my Ph.D. program at Princeton, and I was looking for a way to apply it. So, I took on the challenge. It was not an easy job, as spammers are always adversarial against detection systems. However, the process of trying to outsmart spammers and bring fraud rates down was both fun and satisfying. Fighting spam also gave me a strong sense of justice, and I was motivated to make the digital world a safer place.
Since joining DataVisor, I feel I’ve further enriched myself with new and increased technical expertise, and also broadened my knowledge of fraudster behavior and fraudster mindset. The more we learn about them, and the more experience we gain, the better equipped we are to create the solutions that will proactively stop them from committing their crimes.
SD: What are some industries that use DataVisor’s technology, and why?
YX: DataVisor’s core technology is focused on unsupervised machine learning (UML), and our approach is unique because we can mine coordinated fraud attacks with extremely high precision, without any need for labels. Because of this capability, our solutions are perfect for social media platforms and financial services providers, though for somewhat different reasons.
With social, creating new accounts is easy, and there are no costs. However, to make any profit, fraudsters need to create hundreds of thousands of new accounts, so they have to scale their operations. Managing all those accounts requires coordination, and our solutions are ideal for uncovering that kind of coordinated activity.
The story is a little different in the financial sector, where so many organizations are so well established. Risk teams at established financial institutions typically have a great deal of experience with many different types of financial crime. What they don’t usually have, however, is the ability to deal with modern, coordinated fraud attacks—and fraudsters know this. Fraudsters are always pivoting and adapting and trying to exploit any vulnerabilities they can. When they attack financial institutions, they try to do so with sophisticated, hard-to-spot attacks that are complex and coordinated, knowing that they can evade existing detection systems. With our solution, we can cast a much wider net, and connect the dots more effectively.
SD: How can DataVisor protect its customers from threats?
YX: With our approach to working with our customers, we focus on providing three fundamental values. We want to provide the right technology—robust algorithms that can help detect even very sophisticated, large-scale attacks. Also, we want to offer truly flexible integration. From the moment we begin to assess their pain points and audit their existing systems, to the moment we run our first test models, to the moment we fully implement our solution, we’re working directly with our customers to provide the right solution for their organization. Finally, we want to provide an intuitive UI and a genuinely easy-to-use product.
SD: What is the number one threat in cybersecurity today?
YX: Coordinated attacks. The level of speed, scale, and sophistication of modern fraud is unprecedented. The surface area for attacks is vast, and fraudsters have so many different techniques and technologies at their disposal. Using bots, it’s possible to harness literally thousands and thousands of fake accounts in an attack on a single business.
Not to mention that fraudsters have become so adept at impersonating legitimate users—they’re using techniques like phishing, and social engineering, and credential stuffing, and they’re buying stolen data from data breaches on the dark web, and they’re using web scrapers to add everything from phone numbers to pictures to these accounts, to make them seem real.
When you analyze any one account in isolation, it may seem normal. It’s only when you use holistic analysis to review accounts as a group that you can start to spot the signs of a coordinated attack—the patterns and correlations across accounts and actions. Existing detection systems that rely on rules and supervised machine learning alone can’t stop these coordinated attacks. Still, these are the attacks that are dominating the fraud landscape today, so it’s important that businesses start adopting more advanced solutions.
SD: How will the cyberthreat landscape change in the next 5 years?
YX: A number of things are going to change. Certainly investment. Companies are going to be spending a great deal more on anti-fraud solutions because the challenges are getting more complicated, and older detection systems are rapidly falling behind.
I also think cybersecurity itself is going to change. What’s happening now out in the fraud space—this rise in coordinated attacks, this increase in complexity and sophistication, this expanding surface area—is starting to happen to internal networks as well, and cybersecurity teams are going to want to start integrating the same kinds of AI and ML-powered solutions to protect their networks.
Finally, I think we’re entering an era where companies are no longer trying to keep quiet about the fact that they have a fraud solution in place. It used to be that admitting you had a fraud solution meant admitting you had a fraud problem. It won’t be like that anymore. For businesses to make the case to their customers that they truly care about their experiences, they’re going to want to come right out and proactively and transparently tell their customers that they’ve installed an advanced prevention system. We have a client who’s doing that right now; they’re partnering with us to protect a new financial product that isn’t even released yet. They want to come out of the gate with a safe product, and they want their customers to know it’s safe.