APIs Drive the Majority of Internet Traffic and Cybercriminals are Taking Advantage | Cybersecurity

Mar 19, 2024. The Hacker NewsAPI Security / Vulnerability.

Application programming interfaces (APIs) are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of API Security in 2024 Report from Imperva, a Thales company, found that the majority of internet traffic (71%) in 2023 was API calls. What’s more, a typical enterprise site saw an average of 1.5 billion API calls in 2023.

The expansive volume of internet traffic that passes through APIs should be concerning for every security professional. Despite best efforts to adopt shift-left frameworks and SDLC processes, APIs are often still pushed into production before they’re cataloged, authenticated, or audited. On average, organizations have 613 API endpoints in production, but that number is rapidly expanding as pressure grows to deliver digital services to customers more quickly and efficiently. Over time, these APIs can become risky, vulnerable endpoints.

In their report, Imperva concludes that APIs are now a common attack vector for cybercriminals because they’re a direct pathway to access sensitive data. As a matter of fact, a study from the Marsh McLennan Cyber Risk Analytics Center finds that API-related security incidents cost global businesses as much as $75 billion annually.

More API Calls, More Problems

Banking and online retail reported the highest volumes of API calls compared to any other industry in 2023. Both industries rely on large API ecosystems to deliver digital services to their customers. Therefore, it’s no surprise that financial services, which include banking, were the leading target of API-related attacks in 2023.

Cybercriminals use a variety of methods to attack API endpoints, but one common attack vector is Account takeover (ATO). This attack occurs when cybercriminals exploit vulnerabilities in an API’s authentication processes to gain unauthorized access to accounts. In 2023, nearly half (45.8%) of…

read more thehackernews.com

FTC: We use income earning affiliate links. More on Sposored links.
Terms of use and third-party services. More here.

Ad Amazon Minecraft Clothing, toys, and accessories.

Stay connected throughout the year with official, ongoing Microsoft podcasts.
Microsoft Podcasts Apple | Microsoft podcasts YouTube

“Start where you are. Use what you have. Do what you can.” —Arthur Ashe

Related Posts