CP
cyberpings
Threat IntelHIGH

API Attacks - Surge of 113% in Daily Incidents Reported

IMInfosecurity Magazine
AkamaiAPI attacksOWASPDDoSAI security
🎯

Basically, there are way more attacks on APIs now, which are crucial for apps to work.

Quick Summary

Akamai reports a staggering rise in API attacks, with 87% of organizations affected. This shift to behavior-based attacks highlights serious security risks. Organizations must enhance their defenses to combat this growing threat.

What Happened

Akamai's latest report reveals a dramatic 113% increase in the average number of daily API attacks, jumping from 121 in 2024 to 258 in 2025. This surge highlights the growing importance of APIs as the primary attack surface for organizations worldwide. Alarmingly, 87% of organizations reported experiencing an API-related security incident last year, marking a significant shift in the cybersecurity landscape.

The report indicates that 61% of these attacks involved unauthorized workflows and abnormal activities. This shift from traditional web-based attacks to more sophisticated behavior-based attacks suggests that threat actors are evolving their tactics to exploit vulnerabilities more effectively.

Who's Being Targeted

Organizations across various sectors are feeling the pressure as APIs become the focal point for cyber threats. The report emphasizes that sensitive data is increasingly traversing these interfaces, with an average of 3000 APIs per customer containing such information. Unfortunately, 12% of these APIs displayed security weaknesses, with 24% of those weaknesses related to sensitive data exposure.

As enterprises invest heavily in AI technologies, they inadvertently increase their attack surface. The integration of AI with APIs not only enhances functionality but also opens new avenues for exploitation. Attackers are leveraging these vulnerabilities to automate and accelerate their campaigns, making it crucial for organizations to fortify their defenses.

Tactics & Techniques

Akamai's findings reveal a concerning trend of blended attacks that combine API abuse, web application attacks, and Layer 7 DDoS activities. Web application attacks surged by 73% between 2023 and 2025, while Layer 7 DDoS attacks increased by 104% over the same period. This rise is fueled by the availability of DDoS-for-hire services and AI-enabled attack scripts that streamline targeting.

The report highlights that attackers are shifting their focus from high-profile campaigns to degrading performance and increasing infrastructure costs. By automating these attacks, they can execute sophisticated strategies that are both cheap and fast, posing a significant threat to organizations that are unprepared.

Defensive Measures

To combat this alarming trend, Akamai recommends several strategies for Chief Information Security Officers (CISOs):

  • Enhance visibility into the environment to tackle DDoS, app, and API attacks effectively.
  • Deploy an integrated security platform that adapts to the organization’s risk tolerance.
  • Invest in training and validation exercises to ensure that teams are prepared for evolving threats.
  • Reference industry best practices, such as OWASP, to prioritize security training and controls.

By coordinating protection across DDoS mitigation, web application firewalls (WAF), API security, and identity-aware controls, organizations can better defend against these increasingly sophisticated threats. As the landscape continues to evolve, staying informed and proactive will be key to maintaining robust cybersecurity defenses.

🔒 Pro insight: The rise in API attacks signals a critical need for organizations to reassess their security frameworks and integrate API security into their overall strategy.

Original article from

Infosecurity Magazine

Read Full Article

Share

Related Pings

HIGHThreat Intel

DDoS Attacks - New Era of AI-Powered Cyberattacks Emerges

Akamai warns of a new era of cyberattacks where DDoS, API abuse, and AI converge. This shift complicates defense strategies, posing significant risks for organizations. As attacks become more sophisticated, companies must enhance their security measures to stay protected.

SecurityWeek·
HIGHThreat Intel

Stryker Cyberattack - Employee Devices Wiped Remotely

A major cyberattack on Stryker wiped thousands of employee devices using Microsoft Intune. The hacktivist group Handala claimed responsibility, causing widespread disruption. Fortunately, Stryker's medical devices remain unaffected. The incident underscores the need for enhanced cybersecurity measures.

Security Affairs·
HIGHThreat Intel

Destructive Wiper Attack - Stryker Suffers Major Cyber Incident

Stryker Corporation confirmed a major cyberattack that wiped thousands of devices, allegedly by Handala. This politically motivated incident disrupted operations significantly. Fortunately, medical devices remain safe, but the attack raises serious security concerns.

Cyber Security News·
HIGHThreat Intel

China-Linked Cyberespionage - Southeast Asian Militaries Targeted

A multi-year cyberespionage campaign linked to China has been targeting Southeast Asian militaries. This ongoing operation poses significant risks to national security and regional stability. Experts urge enhanced cybersecurity measures to counter these threats and protect sensitive military data.

SC Media·
HIGHThreat Intel

GlassWorm - Supply Chain Attack Campaign Expands Further

The GlassWorm supply chain attack is growing, using fake software tools and compromised GitHub repositories. Developers are at risk as these malicious tactics become more sophisticated. Stay informed and protect your projects.

SC Media·
HIGHThreat Intel

Global Cybercrime Clampdown - Disrupting 45K Illicit IPs

A major international operation has disrupted over 45,000 illicit IP addresses linked to cybercrime. Law enforcement from 72 countries participated, highlighting the need for global cooperation. This clampdown protects individuals and organizations from potential fraud and data breaches.

SC Media·