"Financial Services API and Web Application Attacks Increase by 257%"

One of the most difficult challenges modern security teams face is managing the attack surface. Every app and Application Programming Interface (API) in today's hybrid and multi-cloud environments is a potential target for cybercriminals to exploit. Akamai Technologies, a Content Delivery Network (CDN) provider, recently released a new report revealing a 257 percent increase in web application and API attacks on financial service institutions. According to the same report, Distributed Denial-of-Service (DDoS) attacks on financial institutions increased by 22 percent year over year, and threat actors are using techniques in their phishing campaigns to circumvent two-factor authentication solutions. Although the findings focus on financial institutions, the report has broader importance for businesses. It emphasizes that web apps and APIs will be a primary target for cybercriminals in the future. According to Noname Security research, 41 percent of organizations had an API security incident in the previous 12 months, with 63 percent involving a data breach or data loss. One of the primary reasons for the high level of API exploitation targeting enterprises and financial institutions is the large attack surface of web applications and APIs that most security teams lack the resources and expertise to protect. There are several steps that businesses can take to strengthen their defenses against API-driven threats. Gartner suggests that organizations invest in technologies that automatically discover, catalog, and validate APIs. They are also urged to develop a security strategy that includes API security testing and API access control. Increasing transparency about which internal and third-party APIs are used allows enterprises to begin mitigating potential vulnerabilities across the attack surface. This article continues to discuss key findings and recommendations regarding the increase in API and web application attacks. 

VB reports "Financial Services API and Web Application Attacks Increase by 257%"

Submitted by Anonymous on