On Dec. 17, Wallarm, a leading provider in real-time blocking of API attacks, unveiled a security research report based on data collected from the world’s first globally distributed API honeypot network. The report sheds light on the increasing vulnerability of APIs to rapid discovery and exploitation, and offers insights into the growing threat landscape for APIs.
APIs have now become the primary targets for attackers, surpassing traditional web applications. This underlines the urgent need for businesses to implement robust API security measures. Organizations are facing challenges due to uncontrolled API sprawl and lack of API governance, resulting in significant breaches from exposed APIs. The study by Wallarm reveals several alarming trends that demand immediate attention from organizations deploying APIs.
The key findings from the report are eye-opening. Newly deployed APIs are being discovered by attackers in as little as 29 seconds, showcasing the rapid pace at which vulnerabilities are being exploited. Unprotected APIs are under immediate threat, with attackers exploiting them within one minute of discovery. Furthermore, attackers using batched API requests can swiftly exfiltrate millions of user records in a matter of seconds. Recognizable and widely used API products are also facing heightened targeting by attackers, posing a significant risk to organizations.
Wallarm’s globally distributed honeypot spans 14 locations and captures data from various geographies and providers. The honeypot offers targeted responses to API requests across multiple protocols, including REST, XML-RPC, GraphQL, and others. The data collected shows that APIs are the preferred vector for attackers, with over half (54%) of observed request types being API-specific. Among these requests, 40% targeted known vulnerabilities (CVEs). While port 80 emerged as the most commonly discovered entry point, interactions were distributed across various ports, emphasizing the need for comprehensive protection measures.
Ivan Novikov, CEO and founder of Wallarm, emphasized the importance of this research in understanding the evolving attack surface of APIs. He stated, “APIs are the foundation of modern applications, but their widespread deployment and inadequate protection make them an attractive target for attackers. We hope this research encourages organizations to invest in robust protection for their APIs.”
The full report by Wallarm offers actionable insights and recommendations to secure APIs effectively. Organizations looking to enhance their API security can access the complete research report and learn more about safeguarding their APIs by visiting http://www.wallarm.com/resources/api-honeypot-report.
In conclusion, the research report by Wallarm provides valuable insights into the growing threats faced by APIs and emphasizes the importance of implementing robust security measures to protect against evolving threats. With APIs becoming the prime target for attackers, organizations must prioritize API security to safeguard their data and systems effectively.