An attack surface workout: web application and API attacks

Attacks on web applications and APIs, along with zero-day vulnerabilities, have increased tremendously in the last nine months. Akamai cybersecurity researchers analyzed attacks on web applications and APIs and found that they tripled in the first quarter of 2022 compared to the first quarter of 2021.

In the first half of 2022 there were more than 6.3 billion attack attempts (an increase of 3 times from the first quarter of 2021). Attackers are constantly working to break into systems, steal data (including users' data), disable systems, and generally cause damage.

Local File Inclusion (LFI) attacks have increased tremendously and have now overtaken Structured Query Language Injection (SQLI) as the most common web attack vector.

Most of the attacks target Akamai’s US customers. Commerce has been the hardest-hit industry, with high tech seeing the most growth so far in 2022. The financial industry follows in third place.

Although the United States is both the source and the target of more than half of LFI attack attempts (as of April 2022), there are also large flows of attack traffic between other countries and the United States. Some countries are primarily sources of LFI attack traffic (the Netherlands) and others are primarily recipients (Australia).

Breakdown of web applications and API attacks

The following pie chart shows the geographic distribution of attacks in 2022. Most attacks target Akamai customers in the US, but the EMEA and APAC regions were also severely affected. In some countries, such as Germany and Australia, attacks have been recorded that do not correspond to normal data traffic.

There are three main patterns that Akamai researchers have extracted from the analyzed data. Attackers can use long-term persistence, short attack waves, or one-time surprise attacks. These are described in the blog post.

Akamai researchers continue to monitor attempts to exploit unpatched blockbuster vulnerabilities such as Log4Shell. The researchers assume that this will also be the case with Spring4Shell. While we can’t predict how an attacker will exploit web applications and APIs, this is further evidence that we must do everything we can to stay current with patches and ensure proper protection is in place.

All additional information can be found in Akamai’s current blog post: https://www.akamai.com/blog/security/attack-surface-workout-web-application-api-attacks