Web Attacks On Applications, APIs Rise 49% Over Last Year To Reach 26 Billion: Akamai
These attacks can lead to data theft, damages to brand reputation, regulatory fines and significant financial losses.
Cybersecurity company Akamai Technologies Inc. has released its 'State of the Internet' report, which shows how growth in demand for applications and application programming interfaces have transformed them into lucrative targets for threat actors.
In the report, Akamai noted that it observed more than 26 billion web attacks against applications and APIs in June 2024 alone, and that these attacks surged by 49% over the last year.
API attacks are a growing concern for businesses that increasingly rely on these gateways to provide access to their capabilities and services. The report noted that attacks against APIs can occur in various forms, including data breaches, abuse and distributed denial-of-service attacks.
Akamai recorded 108 billion API attacks from Jan. 2023 through June 2024. These attacks can lead to data theft, damages to brand reputation, regulatory fines and significant financial losses.
Other key findings of the report include:
High technology, commerce, and social media were the three industries most targeted by Layer 7 DDoS attacks, with more than 11 trillion attacks in just 18 months.
DDoS attacks challenge traffic over all ports and protocols on Layers 3 and 4 and Layer 7. This includes the domain name system protocol, which Akamai research observed to be a component in 60% of Layers 3 and 4 DDoS attack events in the past 18 months.
The commerce industry has been victim to the most web application and API attacks, with more than double the number of attacks than any other sector (high technology was second).
Local file inclusion, cross-site scripting, SQL injection, command injection and server-side request forgery attacks remain prevalent vectors that target business applications and APIs.
“Successful attacks against applications and APIs are becoming more common and they can impact an organisation’s revenue and reputation,” said Rupesh Chokshi, senior vice president and general manager, application security, Akamai.
