Vulnerable APIs and Bot Attacks Costing Businesses up to $186 Billion Annually
전체 맥락을 이해하기 위해서는 본문 보기를 권장합니다.
"Reliance on APIs will continue to grow exponentially, driving connections to generative AI applications and large language models," adds Singh. "At the same time, generative AI will also empower cybercriminals to create sophisticated bots at an accelerated and alarming rate. As API ecosystems expand and bots become more advanced, organizations should anticipate a significant rise in the economic impact of automated API abuse by bots unless proactive measures are taken."
이 뉴스는 기업·기관·단체가 뉴스와이어를 통해 배포한 보도자료입니다.
이 글자크기로 변경됩니다.
(예시) 가장 빠른 뉴스가 있고 다양한 정보, 쌍방향 소통이 숨쉬는 다음뉴스를 만나보세요. 다음뉴스는 국내외 주요이슈와 실시간 속보, 문화생활 및 다양한 분야의 뉴스를 입체적으로 전달하고 있습니다.
MEUDON, France -- Businesswire -- Thales, the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, releases the “Economic Impact of API and Bot Attacks (https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fwww.imperva.com%2Fresources%2Fresource-library%2Freports%2Fthe-economic-impact-of-api-and-bot-attacks%2F&esheet=54123482&newsitemid=20240918198180&lan=en-US&anchor=Economic+Impact+of+API+and+Bot+Attacks&index=1&md5=c9b9158ed814a38a8813389c02210576)” report. The analysis of more than 161,000 unique cybersecurity incidents uncovers the rising global costs of vulnerable or insecure APIs and automated abuse by bots, two security threats that are increasingly interconnected and prevalent. The report estimates that API insecurity and bot attacks result in up to $186[1] billion of losses for businesses around the world.
The report is based on a study conducted by the Marsh McLennan Cyber Risk Intelligence Center which found that larger organizations were statistically more likely to have a higher percentage of security incidents that involved both insecure APIs and bot attacks. Enterprises with revenues of more than $1 billion were 2-3x more likely to experience automated API abuse by bots than small or mid-size businesses. The study suggests that large companies are particularly vulnerable to security risks associated with automated API abuse by bots because of complex and widespread API ecosystems that often contain exposed or insecure APIs.
Enterprises rely heavily on APIs to enable seamless communication between diverse applications and services. Data from the Imperva Threat Research team, finds that the average enterprise managed 613 API endpoints in production last year. That number is growing rapidly as businesses face mounting pressure to deliver digital services with greater agility and efficiency.
Due to this increased reliance and their direct access to sensitive data, APIs have become attractive targets for bot operators. In 2023, automated threats generated by bots accounted for 30% of all API attacks, according to data from Imperva Threat Research. Today, automated API abuse by bots costs organizations up to $17.9 billion of losses annually. As the number of APIs in production multiplies, cybercriminals will increasingly use automated bots to find and exploit API business logic, circumvent security measures, and exfiltrate sensitive data.
“It’s imperative that businesses across the world address the security risks posed by insecure APIs and bot attacks, or they face a substantial economic burden,” says Nanhi Singh, General Manager of Application Security at Imperva, a Thales company. “The interconnected nature of these threats necessitates that companies take a holistic approach, integrating comprehensive security strategies for both bot and API attacks.”
Some of the key trends identified in the report include:
· Increased API adoption and usage is growing the attack surface: The rapid adoption of APIs, inexperience of many API developers, and lack of collaboration between security and development teams has led insecure APIs to now result in up to $87 billion of losses annually, a $12 billion increase from 2021. · Bots negatively impact organizations’ bottom line: The widespread availability of attack tools and generative AI models has enhanced bot evasion techniques and enabled even low-skilled attackers to launch sophisticated bot attacks. Up to $116 billion of losses annually can be attributed to automated attacks by bots. · API and bot-related security incidents are becoming more frequent: In 2022, API-related security incidents rose by 40%, and bot-related security incidents spiked by 88%. These increases were fueled by a rise in digital transactions, the expanding use of APIs, and geopolitical tensions like the Russia-Ukraine conflict. In the following year 2023, as digital traffic began to stabilize and the pandemic-driven surge in internet activity subsided, the frequency of these incidents moderated. API-related security incidents grew by 9%, while bot-related security incidents jumped by 28%. The overall upward trend in attacks highlights the growing persistence and frequency of these threats. · Insecure APIs and bot attacks pose a significant threat to large enterprises: Companies with revenue of at least $100 billion are most likely to suffer security incidents related to insecure APIs or bot attacks. These threats constitute up to 26% of all security incidents experienced by such businesses. · Countries around the globe are vulnerable to API and bot attacks: Brazil experienced the highest percentage of events related to insecure APIs or bot attacks, with the threats accounting for up to 32% of all observed security incidents. This was closely followed by France (up to 28%), Japan (up to 28%), and India (up to 26%). While the percentage of events attributed to API and bot-related security incidents was lower in the United States, 66% of all reported events related to vulnerable APIs or automated abuse by bots occurred within the country.
“Reliance on APIs will continue to grow exponentially, driving connections to generative AI applications and large language models,” adds Singh. “At the same time, generative AI will also empower cybercriminals to create sophisticated bots at an accelerated and alarming rate. As API ecosystems expand and bots become more advanced, organizations should anticipate a significant rise in the economic impact of automated API abuse by bots unless proactive measures are taken.”
Additional Information:
· Download a copy of the “Economic Impact of API and Bot Attacks (https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fwww.imperva.com%2Fresources%2Fresource-library%2Freports%2Fthe-economic-impact-of-api-and-bot-attacks%2F&esheet=54123482&newsitemid=20240918198180&lan=en-US&anchor=Economic+Impact+of+API+and+Bot+Attacks&index=2&md5=58c0bc997d6678b538aff424dfc1eef7)” report for additional insights on the business impact of API and bot-related security incidents. · See how Imperva Advanced Bot Protection (https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fwww.imperva.com%2Fproducts%2Fadvanced-bot-protection-management%2F%3Futm_source%3Dpress-release%26utm_medium%3Dpr&esheet=54123482&newsitemid=20240918198180&lan=en-US&anchor=Advanced+Bot+Protection&index=3&md5=abdeb289e5a8de159879d797c4b6daf2) and API Security (https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fwww.imperva.com%2Fproducts%2Fapi-security%2F%3Futm_medium%3DPR%26utm_source%3DPR%26Lead-Source%3DReferral-Organic&esheet=54123482&newsitemid=20240918198180&lan=en-US&anchor=API+Security&index=4&md5=12907efd4a57ff26e470351bdd4e7310) can protect websites, applications, and APIs from automated attacks and without affecting the flow of business-critical traffic. · Read the Imperva Blog (https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F%3Futm_source%3Dpress-release%26utm_medium%3Dpr&esheet=54123482&newsitemid=20240918198180&lan=en-US&anchor=Imperva+Blog&index=5&md5=de7f6dd7c956fb1a8ad4cf34a4520a6d) (Imperva, a Thales company) for the latest product and solution news, and threat intelligence from Imperva Threat Research.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies specialized in three business domains: Defence & Security, Aeronautics & Space, and Cybersecurity & Digital identity.
It develops products and solutions that help make the world safer, greener and more inclusive.
The Group invests close to €4 billion a year in Research & Development, particularly in key innovation areas such as AI, cybersecurity, quantum technologies, cloud technologies and 6G.
Thales has close to 81,000 employees in 68 countries. In 2023, the Group generated sales of €18.4 billion.
PLEASE VISIT
Thales Group (https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fwww.thalesgroup.com%2Fen&esheet=54123482&newsitemid=20240918198180&lan=en-US&anchor=Thales+Group&index=6&md5=3cb78e628f536ea1450039a11c3083b3)
Cloud Protection & Licensing Solutions | Thales Group (https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fcpl.thalesgroup.com%2F&esheet=54123482&newsitemid=20240918198180&lan=en-US&anchor=Cloud+Protection+%26amp%3B+Licensing+Solutions+%7C+Thales+Group&index=7&md5=343da32754b327d40fd84c1593dddba0)
Cybersecurity Solutions | Thales Group (https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fwww.thalesgroup.com%2Fen%2Fmarkets%2Ftransverse-markets%2Fcybersecurity-solutions&esheet=54123482&newsitemid=20240918198180&lan=en-US&anchor=Cybersecurity+Solutions+%7C+Thales+Group&index=8&md5=284514b20fa6505878d8c62ed85923ed)
News Highlights and Awards | Imperva (https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fwww.imperva.com%2Fcompany%2Fnews%2F%3Futm_source%3Dpress-release%26utm_medium%3Dpr&esheet=54123482&newsitemid=20240918198180&lan=en-US&anchor=News+Highlights+and+Awards+%7C+Imperva&index=9&md5=c461627151441971d217e0ee378be0e2)
[1] The overall total does not double count events that are both API and bot related.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240918198180/en/
이 뉴스는 기업·기관·단체가 뉴스와이어를 통해 배포한 보도자료입니다.
출처:Thales
보도자료 통신사 뉴스와이어(www.newswire.co.kr) 배포
Copyright © 뉴스와이어. 무단전재 및 재배포 금지.
- 현대차·기아, 미국 카즈닷컴 ‘2024 전기차 톱 픽’ 최다 부문 선정 - 뉴스와이어
- K-뷰티 시술권 거래를 손쉽게… 슈퍼블록, 오버플렉스 마켓 베타버전 출시 - 뉴스와이어
- ‘이게 공공기관이 만든 드라마라고’ 코이카 제작 웹드라마 ‘개발남녀’ 화제 - 뉴스와이어
- 영등포문화재단, 구로문화재단·금천문화재단·한국인형극협회와 함께 ‘예술도시, 인형극, 아
- 아이앤비코리아, 성능 41배·수명 30배 암모니아 필터 ‘AIRODEO’ 개발 - 뉴스와이어
- LS일렉트릭, 영국 보틀리 ESS 발전소 준공 - 뉴스와이어
- 국립농산물품질관리원 등 CHC LAB 납품 기관, 과기부 선정 ‘안전관리 우수연구실’ 인증 - 뉴스와
- 제로웹-선한병원, 섬마을 노인들에게 디지털 케어 서비스 제공 - 뉴스와이어
- 더존비즈온 ‘ONE AI’ 출시 4개월 만에 1000개 계약 기업 돌파 - 뉴스와이어
- 메드믹스, 광선조사기 ‘스마트룩스’ 브라질 ANVISA 인증 획득 - 뉴스와이어