Business
Akamai Research: Web Attacks Targeting Applications and APIs Up by 49% in the Last Year
Akamai recorded more than 26 billion application and API attacks in June 2024 CAMBRIDGE, Mass., July 30, 2024 /PRNewswire/ -- Akamai Technologies, Inc.
About this update from Akamai Technologies, Inc.
[{"type":"text","content":"Akamai recorded more than 26 billion application and API attacks in June 2024\nCAMBRIDGE, Mass., July 30, 2024 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today released a new State of the Internet (SOTI) report that shows how growth in demand for applications and APIs has transformed them into lucrative targets for threat actors. In Digital Fortresses Under Siege: Threats to Modern Application Architectures, Akamai notes that it observed more than 26 billion web attacks against applications and APIs in June 2024 alone, and that these attacks surged by 49% over the last year.\n\n \n \n \n \n \n \n\n \nAPI abuse in particular is a growing concern for businesses that increasingly rely on these gateways to provide access to their capabilities and services. The report notes that attacks against APIs can occur in various forms, including data breaches, abuse, and distributed denial-of-service (DDoS) attacks. In fact, Akamai recorded 108 billion API attacks from January 2023 through June 2024. These relentless assaults against APIs can lead to data theft, damages to brand reputation, regulatory fines, and significant financial losses.\nOther key findings of the report include:\nHigh technology, commerce, and social media were the three industries most targeted by Layer 7 DDoS attacks, with more than 11 trillion attacks in just 18 months.DDoS attacks challenge traffic over all ports and protocols on Layers 3 and 4 and Layer 7. This includes the Domain Name System (DNS) protocol, which Akamai research observed to be a component in 60% of Layers 3 and 4 DDoS attack events in the past 18 months.The commerce industry has been victim to the most web application and API attacks, with more than double the number of attacks than any other sector (high technology was second).Local file inclusion (LFI), cross-site scripting (XSS), SQL injection (SQLi), command injection (CMDi), and server-side request forgery (SSRF) attacks remain prevalent vectors that target business applications and APIs.\"Successful attacks against applications and APIs are becoming more common and they can impact an organization's revenue and reputation,\" said Rupesh Chokshi, Senior Vice President and General Manager, Application Security, Akamai. \"With Digital Fortresses Under Siege: Threats to Modern ...