Akamai recorded more than 26 billion application and API attacks in June 2024
CAMBRIDGE, Mass., July 30, 2024 /PRNewswire/ — Akamai Technologies, Inc, the cloud company that powers and protects life online, today released a new State of the Internet (SOTI) report that shows how growth in demand for applications and APIs has transformed them into lucrative targets for threat actors. In Digital Fortresses Under Siege: Threats to Modern Application Architectures, Akamai notes that it observed more than 26 billion web attacks against applications and APIs in June 2024 alone, and that these attacks surged by 49% over the last year.
API abuse in particular is a growing concern for businesses that increasingly rely on these gateways to provide access to their capabilities and services. The report notes that attacks against APIs can occur in various forms, including data breaches, abuse, and distributed denial-of-service (DDoS) attacks. In fact, Akamai recorded 108 billion API attacks from January 2023 through June 2024. These relentless assaults against APIs can lead to data theft, damages to brand reputation, regulatory fines, and significant financial losses.
Other key findings of the report include:
- High technology, commerce, and social media were the three industries most targeted by Layer 7 DDoS attacks, with more than 11 trillion attacks in just 18 months.
- DDoS attacks challenge traffic over all ports and protocols on Layers 3 and 4 and Layer 7. This includes the Domain Name System (DNS) protocol, which Akamai research observed to be a component in 60% of Layers 3 and 4 DDoS attack events in the past 18 months.
- The commerce industry has been victim to the most web application and API attacks, with more than double the number of attacks than any other sector (high technology was second).
- Local file inclusion (LFI), cross-site scripting (XSS), SQL injection (SQLi), command injection (CMDi), and server-side request forgery (SSRF) attacks remain prevalent vectors that target business applications and APIs.
“Successful attacks against applications and APIs are becoming more common and they can impact an organization’s revenue and reputation,” said Rupesh Chokshi, Senior Vice President and General Manager, Application Security, Akamai. “With Digital Fortresses Under Siege: Threats to Modern Application Architectures, we provide an in-depth look at how attackers target apps and APIs and share effective strategies to prevent these dangerous incursions, ensuring your organization remains resilient.”
Digital Fortresses Under Siege: Threats to Modern Application Architectures includes a security spotlight that offers advice on mobile app user agreements. The report also features snapshots for the Europe, Middle East and Africa (EMEA) and Asian-Pacific and Japan (APJ) regions that provide data and case studies particular to those areas.
