Expert on new research: surge in API attacks during lockdown

Date: 2020-05-18

Researchers at Cequence Security today published new information about a recent surge in API attacks, a major source of vulnerability that Cequence believes businesses aren’t sufficiently protecting against. “Tales from the Front Line” offers an insider’s analysis of one customer’s data (anonymized) from specific API attacks over the last four weeks. CQ Prime researchers found:

  • up to an 85% week-over-week increase in malicious traffic since the pandemic lockdown
  • the Android Login API is a significant target
  • attackers continuously vary the attack fingerprint to gain success – one campaign showed almost 1.5 million IP addresses using over 4 million different user agents
  • attackers often find unsecured API endpoints through enumeration
  • in some cases, malicious bots generate up to 80-90% of all traffic – requiring expensive operational build-out

EXPERT COMMENTS

Laurence Pitt, Global Security Strategy Director, Juniper Networks
May 18, 2020
Expert on new research: surge in API attacks in lockdown
The API as an attack vector is common because of the rich rewards which can be reaped from a successful breach, or the damage to the business from bots overwhelming the service and causing a Denial of Service for valid customers. These attacks will continue to escalate, so developers need to look at how to limit the value for anyone gaining access. If they are unable to steal useful information (d ....

Jason Kent, Hacker in Residence, Cequence Security
May 18, 2020
As malicious bot traffic keeps increasing, AI will be key in helping mitigate against these attacks.
"Legitimate traffic represents revenue, and operations teams want to make sure their revenue-generating traffic is prioritized and able to flow. From an operational perspective, then, organizations have to take on the greater load from their attackers, or their applications are going to start to perform poorly. How can you ensure that these expensive infrastructure investments are paying off? ....

