"Attacks Targeting APIs Increased By 400% in Last Six Months"

Security researchers at Salt Security have discovered that attacks targeting application programming interfaces (APIs) have increased by 400% in the last six months.  The researchers also found that 80% of these attacks happened over authenticated APIs.  During their study, the researchers surveyed 400 security professionals and API developers.  Of the respondents, "94% of them have experienced security problems in production APIs over the past year, with 17% having experienced an API-related breach." Due to the impact of such security issues, nearly half (48%) of respondents said that API security had become a C-level discussion within their organization.  The researchers stated that the rapid increase in attacks, in addition to the data provided by their survey respondents, reflects a growing understanding in the C-suite about the importance of purpose-built API security to reduce business risk.  According to the researchers, API use substantially contributes to businesses' digital transformation.  During the study, the researchers also found that API management has also become a significant business issue, with more than half of respondents (59%) saying they had to slow the rollout of new applications because of API security concerns.  Only 23% said their existing security approaches were very effective at preventing API attacks.  According to the researchers, 90% of investigations undertaken by Salt Labs uncovered API security vulnerabilities, and 50% of those discovered should be considered critical.

Infosecurity reports: "Attacks Targeting APIs Increased By 400% in Last Six Months"