Akamai State Of The Internet Report Shows That APIs Are Under Attack From Hackers

Akamai has published their latest findings in State of the Internet report, covering the growing attack of APIs. Key findings include:

  • 3x more web attacks in 2021 over 2020’s record year.
  • About 88.7% of web attacks use the common API vulnerabilities SQLi and LFI.
  • 86% of businesses could allow attackers to forge log data or inject malicious content into data
  • 68% incorrectly releases resources before they were made available for reuse
  • 47% had hard-coded passwords
  • Out of the 5,000 API-dependent web apps tested, 100% of apps had at least one vulnerability.

Giora Engel, CEO and Cofounder, Neosec had this commentary:

“This report is focused on vulnerabilities and not on API behavior which is where abuse occurs. It’s correct that application security history is repeating itself and ignoring vulnerable APIs is the iceberg in front of every security team. However, vulnerabilities are only one side of the API security equation. How do you know if behavior is good or bad on all APIs? Discovery of all your APIs is of course the first step but understanding the behavior and being able to hunt for threats in the API data is where real control and security are found.”:

Clearly attacks on API’s is “the new hotness” for hackers. So to avoid being pwned by hackers, security teams and developers need to take preventive action.

Leave a Reply

%d bloggers like this: