AI-Powered APIs Under Siege: The Rise of Coordinated DDoS Attacks

Post Views: 10

A New Era of Coordinated Cyberattacks

A new era of coordinated cyberattacks has emerged, characterized by the convergence of artificial intelligence (AI), application programming interfaces (APIs), and distributed denial-of-service (DDoS) attacks. According to a recent report by Akamai, this convergence has shifted from an emerging trend to an operating model for attackers.

Major Developments in Cyberattacks

The report highlights three major developments over the past year: the evolution of DDoS attacks, the increase in API attacks, and the growing use of AI as a force multiplier in cyberattacks. DDoS attacks continue to increase in both quantity and effect, with layer 7 (application layer) attacks increasing by 104% over the past three years. These attacks target APIs and web applications, disrupting operations without necessarily causing visible downtime.

Layer 3 and layer 4 attacks, which flood the network and transport layers, have also increased in scale, with Mirai and its variants remaining a primary culprit. However, the report notes that hacktivism remains the primary motivation for these attacks, and with ongoing political tensions, this trend is unlikely to stop.

The Convergence of Attack Capabilities

The convergence of attack capabilities is evident in the appearance of both DDoS categories in a single attack. For example, a customer experienced a dynamic attack powered by a TurboMirai variant that shifted between layers 3 and 4 and layer 7. Additionally, Qilin, a Russia-linked ransomware-as-a-service (RaaS) group, has added DDoS to its toolkit and is currently the top ransomware threat targeting the US.

API Attacks on the Rise

API attacks are also on the rise, with 87% of companies experiencing an API-related security incident in 2025. APIs are becoming increasingly exposed entry points into the enterprise environment, and their exploitation can lead to full-scale breaches. The growth of API attacks is fueled by the increasing use of APIs in software-as-a-service (SaaS) apps, which often include agentic AI with multiple APIs.

APIs are becoming more common, and companies are rapidly moving their infrastructure to APIs and AI. But as they do this, there are problems. Whenever you have transformation, you have difficulty with security.

— Steve Winterfeld, advisory CISO at Akamai

A Converged Approach to Security

The report emphasizes the need for security to converge in response to this new attack operating model. Defenders must integrate their resources to maximize protection against web app attacks, API abuse, bot activity, and DDoS attacks. This requires a converged approach to security, rather than separate teams focusing on individual areas.

The report highlights the need for a converged approach to security, where defenders integrate their resources to maximize protection against the new attack operating model. This requires a shift in mindset, from separate teams focusing on individual areas to a converged approach that addresses the intersection of AI, APIs, and DDoS attacks.