Wallarm unveiled
a comprehensive security research report based on data collected from
the world's first globally distributed API honeypot network. The
findings reveal critical insights into the growing threat landscape for
APIs, showcasing their increasing vulnerability to rapid discovery and
exploitation.

APIs have surpassed web applications as the primary targets of
attackers, underscoring the urgency for businesses to implement robust
API security measures. Organizations are plagued by uncontrolled API
sprawl and lack of API governance, leading to significant breaches from
exposed APIs. Wallarm's study highlights several alarming trends that
demand immediate attention from organizations deploying APIs.

Key Findings from the Report:

- APIs Are the Prime Target: APIs now attract more attacks than traditional web applications.
- Rapid Discovery: Newly deployed APIs are discovered by attackers in as little as 29 seconds.
- Immediate Exploitation: Unprotected APIs are exploited within one minute of discovery.
- High Velocity Data Theft: Attackers using batched API requests can exfiltrate millions of user records in seconds.
- Targeting Well-Known Products: Recognizable and widely used API products face heightened targeting by attackers.

Wallarm's globally distributed honeypot, spanning 14 locations, captures
data from diverse geographies and providers, revealing critical trends.
The honeypot provides targeted responses to API requests across
multiple protocols, including REST, XML-RPC, GraphQL, and others. Over
half (54%) of observed request types were API-specific, demonstrating
that APIs are the preferred vector for attackers. Among these, 40% of
requests targeted known vulnerabilities (CVEs). While port 80 emerged as
the most commonly discovered entry point, interactions were distributed
across many ports, demonstrating that protecting only common ports is
insufficient.

"This report sheds light on a rapidly evolving attack surface and
represents a groundbreaking effort in API security research," said Ivan
Novikov, CEO and founder at Wallarm. "APIs are the foundation of modern
applications, but their widespread deployment and inadequate protection
make them an attractive target for attackers. We hope this research
helps organizations invest in strong protection for their APIs."

Wallarm's full report offers actionable insights and recommendations to
safeguard APIs. To access the full research report and learn more about
securing your APIs, visit http://www.wallarm.com/resources/api-honeypot-report.