Wallarm Releases API Honeypot Report Highlighting API Attack Trends

December 18, 2024

2 Min Read
Press Release logo

PRESS RELEASE

SAN FRANCISCO--(BUSINESS WIRE)--Wallarm, the leader in real-time blocking of API attacks, on Dec. 17 unveiled a comprehensive security research report based on data collected from the world's first globally distributed API honeypot network. The findings reveal critical insights into the growing threat landscape for APIs, showcasing their increasing vulnerability to rapid discovery and exploitation.

APIs have surpassed web applications as the primary targets of attackers, underscoring the urgency for businesses to implement robust API security measures. Organizations are plagued by uncontrolled API sprawl and lack of API governance, leading to significant breaches from exposed APIs. Wallarm’s study highlights several alarming trends that demand immediate attention from organizations deploying APIs.

Key Findings from the Report:

  • APIs Are the Prime Target: APIs now attract more attacks than traditional web applications.

  • Rapid Discovery: Newly deployed APIs are discovered by attackers in as little as 29 seconds.

  • Immediate Exploitation: Unprotected APIs are exploited within one minute of discovery.

  • High Velocity Data Theft: Attackers using batched API requests can exfiltrate millions of user records in seconds.

  • Targeting Well-Known Products: Recognizable and widely used API products face heightened targeting by attackers.

Related:Interpol: Can We Drop the Term 'Pig Butchering'?

Wallarm’s globally distributed honeypot, spanning 14 locations, captures data from diverse geographies and providers, revealing critical trends. The honeypot provides targeted responses to API requests across multiple protocols, including REST, XML-RPC, GraphQL, and others. Over half (54%) of observed request types were API-specific, demonstrating that APIs are the preferred vector for attackers. Among these, 40% of requests targeted known vulnerabilities (CVEs). While port 80 emerged as the most commonly discovered entry point, interactions were distributed across many ports, demonstrating that protecting only common ports is insufficient.

“This report sheds light on a rapidly evolving attack surface and represents a groundbreaking effort in API security research,” said Ivan Novikov, CEO and founder at Wallarm. “APIs are the foundation of modern applications, but their widespread deployment and inadequate protection make them an attractive target for attackers. We hope this research helps organizations invest in strong protection for their APIs.”

Wallarm’s full report offers actionable insights and recommendations to safeguard APIs. To access the full research report and learn more about securing your APIs, visit http://www.wallarm.com/resources/api-honeypot-report.

Related:Phishers Spoof Google Calendar Invites in Fast-Spreading, Global Campaign

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars

Editor's Choice

A woman sitting at a laptop and holding a mobile device, the screens of both displaying a green check mark in a circle
Cyberattacks & Data Breaches
Researchers Crack Microsoft Azure MFA in an HourResearchers Crack Microsoft Azure MFA in an Hour
byElizabeth Montalbano, Contributing Writer
Dec 11, 2024
4 Min Read
The words "zero-day" written in a line of code on a computer screen
Application Security
Microsoft NTLM Zero-Day to Remain Unpatched Until AprilMicrosoft NTLM Zero-Day to Remain Unpatched Until April
byJai Vijayan, Contributing Writer
Dec 9, 2024
3 Min Read
A patchwork quilt
Application Security
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch TuesdayMicrosoft Fixes Active Zero-Day, Critical RCEs on Patch Tuesday
byTara Seals, Managing Editor, News, Dark Reading
Dec 10, 2024
5 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers