SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Rise in DDoS attacks & API security threats in 2023
Wed, 10th Jan 2024

Cloudflare, a global leader in cloud-based services, has published two critical data reports focusing on the rising threats associated with Application Programming Interfaces (APIs) and the calculated deployment and impact of Distributed Denial of Service (DDoS) attacks during the last quarter of 2023.

According to their Q4 DDoS Trends Report, Cloudflare revealed an eleven-fold increase in DDoS attacks on Palestinian websites amid ongoing military conflict with Israel. Concurrently, over 2.2 billion HTTP DDoS requests, 40% of which targeted newspapers and media, were directed at Israeli websites and were successfully mitigated by Cloudflare.

The report also highlighted an alarming trend with the cryptocurrency sector emerging as the most targeted industry by attack volume, closely followed by the gaming and gambling sector. Additionally, network-layer DDoS attacks had risen sharply by 117% compared to the previous year, with increased DDoS activities focusing on retail, shipment, and public relations websites particularly during Black Friday and the festive season.

Significantly, the environmental services sector reported a staggering 618-fold surge in DDoS attacks compared to 2022, coinciding with the 28th United Nations Climate Change Conference (COP 28). According to geographical data, China led as the most attacked country, accounting for 45% of all network-layer attacks.

Cloudflare's 2024 API Security and Management Report spotlighted the prominent role of APIs across digital platforms and the associated risks. A worrying revelation from the report was the unmanageable growth of 'shadow APIs'. Custodians are unable to shield what remains invisible to them, and almost 31% more API REST endpoints were found through machine learning than by customer-provided session identifiers.

"APIs are central to how applications and websites work, which makes them a rich, and relatively new, target for hackers," said Matthew Prince, CEO and co-founder at Cloudflare. He emphasised the importance for companies to identify and secure all their APIs to prevent potential data breaches.

The report found that successful API requests accounted for 57% of Internet traffic processed by Cloudflare. The most represented industries were the IoT platform, rail/bus/taxi, legal services, multimedia/games, and the logistics/supply chain industries. DDoS mitigation emerged as the top safeguard with one-third (33%) of all API mitigation comprising of blocking DDoS attacks.

The findings underline the disconnection between the proliferation of API usage by organisations and their capability to secure the data that these APIs manage. APIs power much of the digital world, including phones, smartwatches, banking systems, and shopping sites, and while they can enable fantastic possibilities, like facilitating payment on e-commerce sites or securely transferring patient data for healthcare systems, unsecured APIs can provide a trove of sensitive information targeted by threat actors.

Melinda Marks, Practice Director of Cybersecurity for Enterprise Strategy Group, commented on the report, stating that each API represents a potential attack surface requiring protection. She emphasised that the report only reinforces the pressing need for organisations to find more effective ways to deal with API security, starting with better visibility of APIs, establishing secure authentication and authorisation pathways between connections, and improving ways to secure their applications from attacks.