Rise in APIs and Apps Give Threat Actors a New Hunting Ground

0

Akamai Technologies has released a new State of the Internet (SOTI) report that shows how growth in demand for APIs and applications (Apps) has transformed them into lucrative targets for threat actors.

In the report, Digital Fortresses Under Siege: Threats to Modern Application Architectures, Akamai said that it had observed more than 26 billion web attacks globally against APIs and Apps in June 2024 alone, with attacks increasing by 65% over the last year in the Asia-Pacific and Japan region.

From Q1 2023 to Q1 2024, the region experienced a surge in web attacks against APIs and applications, peaking at 4.8 billion attacks in June 2024.

This rise in attacks results from organisations deploying apps to improve customer experience and business growth. This rapid deployment expands the attack surface, exposing vulnerabilities like poor coding and design flaws in web apps. Additionally, the rapid growth of the API economy also gives cybercriminals more opportunities to exploit vulnerabilities and abuse business logic.

API abuse is a growing concern for businesses that rely on these gateways to access their capabilities and services. The report notes that API attacks can take various forms, including data breaches, unauthorised access, and Distributed Denial-of-Service (DDoS) attacks.

In the Asia Pacific region, Layer 7 DDoS attacks, which target the application layer of websites and online services, increased five-fold over the past year, totalling 5.1 trillion attacks. These attacks overload websites and services by flooding them with requests, aiming to slow them down or render them inaccessible.

Hacktivists frequently employ these types of attacks to disrupt significant political events, such as elections, and to manipulate voter sentiment via social media platforms. They typically flood key social media platforms with a massive volume of seemingly legitimate web requests, overloading these servers and hindering access to candidate information, voter registration portals, and even election results updates. This directly influences voter turnout or public perception of the electoral process.

The Asia Pacific region will host multiple elections this year, presenting a significant target for hacktivists who may employ this strategy to disrupt these crucial democratic processes through social media platforms and election-related websites. Governments and businesses need to enhance their cybersecurity measures to safeguard against such threats by taking proactive measures such as deploying robust DDoS mitigation technologies, ensuring redundancy in critical infrastructure, and educating the public about potential cyber threats.

“The Asia Pacific region frequently experiences web attacks targeting APIs and applications, a trend exacerbated by its rapidly digitising economies,” said Reuben Koh, Asia Pacific Director of Security Technology & Strategy at Akamai Technologies. “As businesses move operations online more rapidly to meet time-to-market pressures, development and security resources are further strained, often resulting in overlooked security processes. It is extremely important to establish a robust set of best practices to enhance security and resilience in this environment, especially given the high concentration of web attacks observed.”

Key findings of the report include:

  • From Q1 2023 through Q1 2024, there was a recorded 65% growth in web attacks, with growth continuing through the subsequent quarter. Within Asia Pacific, Australia (14.6 billion), India (12.0 billion), and Singapore (10.7 billion ) bore the brunt of API and web application attacks during that period, followed by China (4.3 billion), Japan (4.0 billion), New Zealand (2.1 billion) South Korea (1.6 billion) and Hong Kong SAR (1.5 billion).
  • From April 2023 to February 2024, the social media industry experienced a consistent increase in Layer 7 DDoS attacks. The Asia Pacific region ranked only second to North America in terms of threat landscape for web applications. Singapore experienced the highest concentration of attacks at 2.9 trillion, followed by India (959 billion), South Korea (544 billion), Indonesia (260 billion), China (188 billion), Japan (83 billion), Australia  (74  billion),  and  Taiwan  (50  billion).
  • Akamai researchers have observed high technology, commerce, and social media to be the top three targeted industries in Layer 7 DDoS attacks, with more than 11 trillion attacks in just 18 months globally. Similarly, the Asia Pacific region experienced a five-fold increase in these attacks, totaling 5.1 trillion during the same timeframe.
  • DDoS attacks challenge traffic over all ports and protocols in both the infrastructure and application layers. This includes the Domain Name System, which Akamai research observed to be a component in nearly 60% of DDoS attack events.
  • The commerce industry has been the target of most API and web application attacks, hit with more than double the number of attacks than any other sector (high technology was second). In the Asia Pacific region, this trend aligns with prior reporting, as both the financial services and commerce sectors reported the most web attacks.
  • Local File Inclusion (LFI), Cross-Site Scripting (XSS), SQL injection (SQLi), Command injection (CMDi), and Server-Side Request Forgery (SSRF) attacks remain prevalent vectors targeting business applications and APIs.

Digital Fortresses Under Siege: Threats to Modern Application Architectures includes a security spotlight offering advice on mobile app user agreements. It also features snapshots for the Europe, Middle East and Africa, and the Asia Pacific and Japan regions, which provide data and case studies particular to those areas.

You can read the full report here.

Share.

Comments are closed.