API Security Under Siege: Staying Ahead of the Threat

Post Views: 100

Cyber Attackers Intensify Efforts to Compromise Online Systems

Cyber attackers are intensifying their efforts to compromise online systems, with APIs, web applications, and DDoS channels facing sustained malicious traffic. According to Akamai’s State of the Internet security report, these threats are interconnected and have been escalating across all three areas throughout 2025.

APIs Under Siege

APIs, in particular, are under siege, with the average number of API attacks per enterprise per day increasing from 121 in 2024 to 258 in 2025. This surge in activity has led to a rise in API-related security incidents, with most organizations reporting at least one such incident during the year.

“The threat landscape is evolving, with attackers no longer focusing on high-profile campaigns, but instead, aiming to degrade performance, drive up infrastructure costs, and exploit AI-driven automation at scale,” said Patrick Sullivan, CTO of Security Strategy at Akamai. “As enterprises invest heavily in AI transformation, attackers are targeting the APIs that power that transformation.”

Behavior-Based Threats on the Rise

Attackers are shifting their tactics to focus on how applications behave during normal use, with behavior-based threats now accounting for a larger share of API traffic. These threats exploit weaknesses in APIs, particularly in configuration and access control. Security misconfiguration, authorization, and authentication issues are the most common vulnerabilities, followed by unsafe API consumption and authentication problems.

DDoS Activity Remains a Concern

DDoS activity also continues to be a major concern, with attackers targeting both application and network layers. Layer 7 DDoS activity has increased over time, putting pressure on application-facing systems, while network-layer activity contributes to overall traffic volume during attacks. Botnet activity, including variants such as Aisuru and Kimwolf, supports these campaigns by infecting large numbers of IoT and Android devices.

Web Application Attacks on the Rise

Web application attacks have also increased, with injection-based techniques remaining a common tactic. These attacks target application inputs and how systems process data, and are part of routine traffic across many environments. Regional data shows continued pressure in APAC, where web application and API attacks reach into the tens of billions over the course of a year.

Conclusion

The interconnected nature of these threats highlights the need for organizations to prioritize API security and implement robust measures to protect against these evolving threats.