Akamai Research: Web Attacks Targeting Applications and APIs Up by 49% in the Last Year

Rhea-AI Summary

Akamai Technologies (NASDAQ: AKAM) has released a new State of the Internet report highlighting the increasing threats to applications and APIs. Key findings include:

- 26 billion web attacks against applications and APIs observed in June 2024 alone
- 49% surge in these attacks over the last year
- 108 billion API attacks recorded from January 2023 through June 2024
- High technology, commerce, and social media were the most targeted industries by Layer 7 DDoS attacks
- DNS protocol was a component in 60% of Layers 3 and 4 DDoS attack events

The report emphasizes the growing concern of API abuse and its potential consequences, including data theft, brand reputation damage, regulatory fines, and financial losses.

Positive

• Akamai's research provides valuable insights into cybersecurity trends
• The company's data collection capabilities demonstrate its strong market position in cloud security

Negative

• Increasing cyber threats may lead to higher security costs for Akamai's clients
• Rising attacks could potentially impact Akamai's ability to protect its customers effectively

Akamai recorded more than 26 billion application and API attacks in June 2024

CAMBRIDGE, Mass., July 30, 2024 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today released a new State of the Internet (SOTI) report that shows how growth in demand for applications and APIs has transformed them into lucrative targets for threat actors. In Digital Fortresses Under Siege: Threats to Modern Application Architectures, Akamai notes that it observed more than 26 billion web attacks against applications and APIs in June 2024 alone, and that these attacks surged by 49% over the last year.

API abuse in particular is a growing concern for businesses that increasingly rely on these gateways to provide access to their capabilities and services. The report notes that attacks against APIs can occur in various forms, including data breaches, abuse, and distributed denial-of-service (DDoS) attacks. In fact, Akamai recorded 108 billion API attacks from January 2023 through June 2024. These relentless assaults against APIs can lead to data theft, damages to brand reputation, regulatory fines, and significant financial losses.

Other key findings of the report include:

• High technology, commerce, and social media were the three industries most targeted by Layer 7 DDoS attacks, with more than 11 trillion attacks in just 18 months.
• DDoS attacks challenge traffic over all ports and protocols on Layers 3 and 4 and Layer 7. This includes the Domain Name System (DNS) protocol, which Akamai research observed to be a component in 60% of Layers 3 and 4 DDoS attack events in the past 18 months.
• The commerce industry has been victim to the most web application and API attacks, with more than double the number of attacks than any other sector (high technology was second).
• Local file inclusion (LFI), cross-site scripting (XSS), SQL injection (SQLi), command injection (CMDi), and server-side request forgery (SSRF) attacks remain prevalent vectors that target business applications and APIs.

"Successful attacks against applications and APIs are becoming more common and they can impact an organization's revenue and reputation," said Rupesh Chokshi, Senior Vice President and General Manager, Application Security, Akamai. "With Digital Fortresses Under Siege: Threats to Modern Application Architectures, we provide an in-depth look at how attackers target apps and APIs and share effective strategies to prevent these dangerous incursions, ensuring your organization remains resilient."

Digital Fortresses Under Siege: Threats to Modern Application Architectures includes a security spotlight that offers advice on mobile app user agreements. The report also features snapshots for the Europe, Middle East and Africa (EMEA) and Asian-Pacific and Japan (APJ) regions that provide data and case studies particular to those areas.

This year marks the 10th anniversary of Akamai's State of the Internet (SOTI) reports. The SOTI series provides expert insights on the cybersecurity and web performance landscapes, based on data gathered from Akamai Connected Cloud.

About Akamai
Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. Akamai Connected Cloud, a massively distributed edge and cloud platform, puts apps and experiences closer to users and keeps threats farther away. Learn more about Akamai's cloud computing, security, and content delivery solutions at akamai.com and akamai.com/blog, or follow Akamai Technologies on X, formerly known as Twitter, and LinkedIn.

Contact
Jim Lubinskas
Akamai Media Relations
703.907.9103
jlubinsk@akamai.com 

View original content to download multimedia:https://www.prnewswire.com/news-releases/akamai-research-web-attacks-targeting-applications-and-apis-up-by-49-in-the-last-year-302209385.html

SOURCE Akamai Technologies, Inc.

FAQ

What was the increase in web attacks targeting applications and APIs according to Akamai's report?

According to Akamai's report, web attacks targeting applications and APIs increased by 49% over the last year.

How many API attacks did Akamai record from January 2023 through June 2024?

Akamai recorded 108 billion API attacks from January 2023 through June 2024.

Which industries were most targeted by Layer 7 DDoS attacks according to Akamai's research?

High technology, commerce, and social media were the three industries most targeted by Layer 7 DDoS attacks, with more than 11 trillion attacks in just 18 months.

What percentage of Layers 3 and 4 DDoS attack events involved the DNS protocol?

According to Akamai's research, the DNS protocol was a component in 60% of Layers 3 and 4 DDoS attack events in the past 18 months.