SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
Story image
Akamai launches Content Protector to thwart scraping attacks in Asia-Pacific
Wed, 7th Feb 2024

Tech giant Akamai Technologies has officially announced a new product, Content Protector, that aims to thwart scraping attacks without hindering the beneficial traffic that businesses rely upon to boost their operations. The tool comes at an opportune time for the Asia Pacific and Japan region, which has recently experienced an upsurge in malicious bot activity, the company states.

Statistics reveal that this region was the second-most targeted for phishing scams involving financial services. Moreover, it saw more than 765 billion malicious bot requests in the commerce sector between January 2022 and March 2023.

Content Protector's design caters to firms requiring protection for their intellectual property, reputation, and revenue potential. It detects and mitigates evasive scrapers that steal content with nefarious intent. Scraper bots, although often used productively in the commerce ecosystem to search for new content, highlight products on comparison sites, and gather updated product data for customer communication, can also be exploited for harmful ends.

Malicious scraper usage can result in undercutting competitors, facilitating surveillance before inventory hoarding attacks, and counterfeiting goods and websites. Moreover, unless halted, scrapers can degrade site performance by pinging sites 24/7, leading consumers to abandon their visits out of frustration. Scraper sophistication and evasiveness have substantially increased over recent years.

Using Content Protector, businesses can enjoy significantly improved detections and fewer false negatives without a corresponding rise in false positives, courtesy of its nuanced and tailored detections, which include protocol-level assessments, application-level assessments, user interaction, user behaviour and risk classification.

Content Protector conducts protocol fingerprinting to evaluate the client-server connection establishment across the different layers of the Open Systems Interconnection model. The application-level assessment gauges whether the client can execute some business logic written in JavaScript. User interaction is monitored based on standard peripherals like touch screen, keyboard, and mouse. Resident botnets targeting specific content, resulting in notably divergent behaviour from legitimate traffic, are flagged in the user behaviour analysis. Finally, the risk classification provides traffic risk categorisation, based on anomalies found during the evaluation, which can be low, medium or high.

Rupesh Chokshi, Senior Vice President and General Manager of Application Security at Akamai, asserted that content scraping presents a severe threat to businesses, including competitors undercutting offers, slower sites causing customers' frustration and departure, and brand damage from counterfeit substandard goods being passed off as legitimate merchandise. He further stated that Content Protector could demonstrate the direct business value of security while enabling business leaders to expand their digital businesses.