Hackers abuse API popularity to break into accounts and steal data


Application Programming Interfaces (APIs) are one of the pillars of today’s blazing-fast, interconnected web apps, cloud-based solutions, and internet sites.

Their popularity also means that they are often shipped out without proper safeguards and contingencies, making them a huge risk factor for the cybersecurity of different organizations.

Hackers have been paying attention, and are increasingly targeting APIs in their malicious campaigns.

Malicious bots everywhere

These are the conclusions of “The State of API Security in 2024”, a new report published by cybersecurity researchers at Imperva.

According to the report, almost three-quarters (71%) of all internet traffic today comes from API calls. Furthermore, the average enterprise had 1.5 billion API calls last year.

Aware of the advantages APIs can give a business, organizations are rushing to deliver as many digital services as they can, as fast as they can. An organization has, on average, 613 API endpoints in production these days, the researchers said.

This also makes them a risk. The good news is that businesses are aware, and many are adopting shift-left frameworks and SDLC processes to safeguard their products. However, in many cases, APIs are moved into production without proper audits, quickly becoming a security risk.

Hackers, on the other hand, have been paying attention, and are increasingly abusing APIs in their efforts to steal sensitive data from organizations. Among different industries, organizations in financial services and online retail had the most API calls last year and thus also had the most API-related attacks.

Most of the time, hackers abuse API endpoints in Account Takeover (ATO) attacks, the researchers said. Last year, almost half of all ATO attacks (45%) were against vulnerable API endpoints. To make matters worse, these attacks are rarely carried out manually. Instead, countless malicious bots run automated tasks, logging into vulnerable accounts, grabbing sensitive data, and more.

Via The Hacker News
