TechnologyAlarming: API Attacks Surge 3,000% In Q3, Finds Research
ADVERTISEMENT

Alarming: API Attacks Surge 3,000% In Q3, Finds Research

There were over 1.2 billion attacks, including 271 million API attacks, last quarter.

10 Dec 2024, 12:54 PM IST i
NDTV Profit
NDTV Profit
<div class="paragraphs"><p>API-focused attacks were also 85% more frequent than those on websites. (Photo source: gstudioimagen1/Freepik)</p></div>
API-focused attacks were also 85% more frequent than those on websites. (Photo source: gstudioimagen1/Freepik)

As digital operations focus on application programming interface integration, there has been a shift in cybersecurity dynamics, with a marked increase in cyber threats, particularly those targeting APIs.

According to a report by application security SaaS provider Indusface, there were over 1.2 billion attacks, including 271 million API attacks, last quarter. There was a massive 3000% increase in distributed denial-of-service attacks on APIs compared to traditional web assets.

API-focused attacks were also 85% more frequent than those on websites, revealing the heightened risk landscape for organisations relying heavily on API gateways, which are often underprepared for such sophisticated threats.

DDoS and bot attacks have increased substantially, with Indusface’s platform intercepting more than 377 million DDoS incidents and 215 million bot attacks in Q3. This marks a 145% year-over-year increase in bot activity, with DDoS attacks affecting 60% of websites and bot-driven threats impacting 90%. 

“The rise of LLMs has significantly lowered the barrier for executing vulnerability attacks, as reflected in our data, which shows triple-digit growth in such incidents. Alarmingly, over 30% of critical and high-severity CVSS vulnerabilities remain unpatched even six months after discovery," said Ashish Tandon, founder and chief executive officer of Indusface.

ALSO READ

Delhi Police Arrests Accused From Bengal In Rs 2,000-Crore WazirX Cyber Attack Case
Opinion
Delhi Police Arrests Accused From Bengal In Rs 2,000-Crore WazirX Cyber Attack Case
Read More

Over 354 million attacks targeted small and medium-sized businesses this quarter. SMBs suffer from a 175% higher rate of DDoS attacks per site compared to their larger counterparts, due to cybersecurity budget constraints.

The banking, financial services, and insurance sector faced double the industry average in bot attacks, with financial data increasingly targeted for theft and fraud. Every healthcare site experienced bot attacks, the report noted.

When it comes to retail and e-commerce, bot-driven attacks led to a 50% higher rate of vulnerability exploitation compared to DDoS attacks, indicating a broad spectrum of cyber threats.

In the power and energy sector, the frequency of attacks quadrupled as attackers exploit lesser-regulated sectors for ransom-focused intrusions.

ALSO READ

Most Indian Executives Expect Cybersecurity Budget Increase Next Year, Says PwC Report
Opinion
Most Indian Executives Expect Cybersecurity Budget Increase Next Year, Says PwC Report
Read More
Watch LIVE TV, Get Stock Market Updates, Top Business, IPO and Latest News on NDTV Profit.
OUR NEWSLETTERS
By signing up you agree to the Terms & Conditions of NDTV Profit
ADVERTISEMENT