The sharp rise in the number of people shopping online has increased the risk posed by web skimming campaigns, cyberattacks that compromise websites with malicious scripts to steal credit card details. To tackle this threat and other script-based attacks, Akamai Technologies Inc. today launched a new cybersecurity product called Page Integrity Manager.

Page Integrity Manager uses artificial intelligence to help companies detect malicious code lurking on their sites. It runs in the browser and analyzes sessions to find suspicious activity. 

Malicious scripts are difficult to detect because large sites rely on as many as dozens of scripts to power features such as payment forms. Some of these scripts come from the company that operates the site, while others are placed in users’ browsers by external services that the site uses. One of the highest-profile examples of hackers exploiting this complexity was the October 2019 cyberattack against Macy’s Inc.’s e-commerce store, which was only discovered weeks after the fact. 

“Web skimming attacks steadily remain at a high-volume across a variety of industries, especially retail, media, and hospitality,” detailed Akamai researcher Steve Ragan. “Over a recent seven-day period, we analyzed nearly 5 billion JavaScript executions, across 110 million page views and saw about a thousand vulnerabilities, any one of which could result in stolen sensitive user data.”

Page Integrity Manager assesses whether a script is malicious by looking at a combination of factors. Its AI models check the web address from which a script was loaded onto the user’s browser, as well as the servers to which that script sends the data it collects on visitors. Page Integrity Manager also evaluates more granular details such as the number of users that a suspicious piece of code interacts with.

Akamai says that the product spots threats in both first-party scripts and third-party scripts from any external services that a site may use, such as payment processing platforms. Malicious third-party scripts are particularly difficult to detect because site operators have limited visibility into the code. On top of spotting malware, Page Integrity Manager also shows companies if one of the otherwise legitimate external services their site uses suffers from a known software vulnerability recorded in the CVE database.

“Web page scripts are very dynamic,” said Raja Patel, Akamai’s vice president of web security products. “Third-party scripts are especially opaque, creating a new attack vector that is challenging to defend against.”

Issues spotted by Akamai Page Manager appear in a dashboard where administrators can see all script activity across their company’s site. They also have access to security features that make it possible to reduce the risk from malicious scripts by creating restrictions on actions such as accessing user data.

In recent years Akamai, one of the world’s largest content delivery network operators, has been working to transition its business model to one focused mainly on security. The company is already starting to see a return on its efforts. Akamai last month reported first quarter financial results that beat both profit and revenue estimates thanks partly to a 26% jump in revenue from its Cloud Security Solutions group.  

Photo: Akamai