API and App Attacks Triple In 2022 For Social Media, Tech, & Retail

In Akamai’s State of the Internet report, API and application-based attacks had a record year on the EMEA in 2022 compared to 2021. 

Web application and API attack growth has been primarily driven by Local File Inclusion (LFI) and XSS. The report found that LFI remained the top attack silo in EMEA, with attacks growing 115% and 193% globally. 

48% of organizations stated that they release vulnerable applications into production because of time constraints and that only 14% of developers prioritize application security during coding. 

82% of IT executives noted that their organization experienced a data breaches when introducing new technology.

Notable spikes in attacks included:

  • Retail sector – up 189% 
  • Tech – up 176% 
  • Social Media – up 404%

Globally, the financial services sector saw an increase in attacks, but the UK’s recorded threats declined by 4%. Akamai suggests the decrease may be attributed to threat actors targeting individual accounts instead of the institutions.

Furthermore, organizations’ expanding attack surfaces with the adoption of IoT equipment has driven attacks on the healthcare industry by 82% and manufacturing by 76%.

George McGregor, VP, Approov had this comment:

   “Because it is based on data from the Akamai WAF this research is very much focused on traditional web apps and their vulnerabilities. 

   “Increasing use of mobile apps rather than browsers should really be taken into account especially as their use presents a particular set of security challenges which cannot easily be addressed or even seen from server-side reporting.”

Given how pervasive attacks are these days, it makes sense to look at your entire attack surface and make sure that your defences are aligned to that attack surface.

Leave a Reply

%d bloggers like this: