Managing the attack surface is one of the most difficult challenges facing modern security teams. In today’s hybrid and multicloud environments, every single app and API is a potential target that cybercriminals can and will exploit.
Today, CDN provider Akamai Technologies, Inc., released a new report revealing a 257% growth in web application and API attacks on financial service institutions year-over-year.
The same report found that DDoS attacks on financial services institutions increased by 22% year-over-year, and that threat actors are using phishing techniques designed to bypass two-factor authentication.
While the findings pertain to financial service institutions, the report has broader implications for enterprises and highlights that web apps and APIs are a core target for cybercriminals in the future.
API attacks and the growing attack surface
Akamai isn’t the only vendor to have picked up on the growing trend of API attacks. Research released by Noname Security found that 41% of organizations had an API security incident in the last 12 months, with 63% of those incidents involving a data breach or data loss.
One of the main reasons for the high volume of API exploitation targeting enterprises and financial service institutions is that the attack surface of web applications and APIs is vast, and most security teams lack the resources or expertise to protect all of it.
“Companies have moved key infrastructure over to APIs, so the criminals are following the revenue. But on top of that, APIs are newer and, in many cases, don’t have the same level of maturity in security processes and controls, so are more vulnerable,” said Steve Winterfeld, advisory CISO at Akamai.
“Finally, they are easier to automate attacks against as they are designed for automation. These factors combine to make APIs a smart place for attackers to focus. This is also why CISOs need to focus on them,” Winterfeld said.
Working toward API security
There are a number of steps that enterprises can take to increase their resilience against API-driven threats.
At a high level, Gartner recommends that organizations invest in technologies to automatically discover, catalog and validate APIs, while developing a security strategy that incorporates API security testing and API access control.
Increasing visibility into which internal and third-party APIs are in use puts enterprises in a position to start mitigating potential vulnerabilities across the attack surface.
In addition, Winterfeld recommends that enterprises review their risk models to determine whether fraud and customer-facing threats are appropriately categorized in light of this new data, and that they update their phishing defenses to counter the latest MFA-bypass attacks with FIDO2-compliant capabilities.
More broadly, implementing industry best practices and frameworks such as the Cyber Kill Chain and NIST SP 800-207 Zero Trust Architecture can help provide greater cyber resilience against the latest threats.