Sony Pixel Power calrec Sony

Vulnerable APIs and Bot Attacks Costing Businesses up to $186 Billion Annually

18/09/2024

Facebook

Twitter

LinkedIn

API insecurity and automated abuse by bots responsible for up to 11.8% of cyber events and losses globally

Bot-related security incident count rose 88% in 2022 and 28% in 2023

Insecure APIs result in up to $12 billion more in losses than they did in 2021

@Thales Imperva, a Thales company, the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, releases the Economic Impact of API and Bot Attacks report. The analysis of more than 161,000 unique cybersecurity incidents and investigates the rising global costs of vulnerable or insecure APIs and automated abuse by bots, two security threats that are increasingly interconnected and prevalent. The report estimates that API insecurity and bot attacks result in up to $186[1] billion for businesses around the world.

The report is based on a study conducted by the Marsh McLennan Cyber Risk Intelligence Center which found that larger organizations were statistically more likely to have a higher percentage of security incidents that involved both insecure APIs and bot attacks. Enterprises with revenues of more than $1 billion were 2-3x more likely to experience automated API abuse by bots than small or mid-size businesses. The study suggests that large companies are particularly vulnerable to security risks associated with automated API abuse by bots because of complex and widespread API ecosystems that often contain exposed or insecure APIs.

Enterprises rely heavily on APIs to enable seamless communication between diverse applications and services. Data from Imperva Threat Research finds that the average enterprise managed 613 API endpoints in production last year. That number is growing rapidly as businesses face mounting pressure to deliver digital services with greater agility and efficiency.

Due to this increased reliance and their direct access to sensitive data, APIs have become attractive targets for bot operators. In 2023, automated threats accounted for 30% of all API attacks, according to data from Imperva Threat Research. Today, automated API abuse by bots costs organizations up to $17.9 billion of losses annually. As the number of APIs in production multiplies, cybercriminals will increasingly use automated bots to find and exploit API business logic, circumvent security measures, and exfiltrate sensitive data.



It's imperative that businesses across the world address the security risks posed by insecure APIs and bot attacks, or they face a substantial economic burden, says Nanhi Singh, General Manager of Application Security at Imperva, a Thales company. The interconnected nature of these threats necessitates that companies take a holistic approach, integrating comprehensive security strategies for both bot and API attacks.

Some of the key trends identified in the report include:

Increased API adoption and usage is growing the attack surface: The rapid adoption of APIs, inexperience of many API developers, and lack of collaboration between security and development teams has led insecure APIs to now result in up to $87 billion of losses annually, a $12 billion increase from 2021.



Bots negatively impact organizations' bottom line: The widespread availability of attack tools and generative AI models has enhanced bot evasion techniques and enabled even low-skilled attackers to launch sophisticated bot attacks. Up to $116 billion of losses annually can be attributed to automated attacks by bots.



API and bot-related security incidents are becoming more frequent: In 2022, API-related security incidents rose by 40%, and bot-related security incidents spiked by 88%. These increases were fueled by a rise in digital transactions, the expanding use of APIs, and geopolitical tensions like the Russia-Ukraine conflict. In the following year 2023, as digital traffic began to stabilize and the pandemic-driven surge in internet activity subsided, the frequency of these incidents moderated. API-related security incidents grew by 9%, while bot-related security incidents jumped by 28%. The overall upward trend in attacks highlights the growing persistence and frequency of these threats.



Insecure APIs and bot attacks pose a significant threat to large enterprises: Companies with revenue of at least $100 billion are most likely to suffer security incidents related to insecure APIs or bot attacks. These threats constitute up to 26% of all security incidents experienced by such businesses.



Countries around the globe are vulnerable to API and bot attacks: Brazil experienced the highest percentage of events related to insecure APIs or bot attacks, with the threats accounting for up to 32% of all observed security incidents. This was closely followed by France (up to 28%), Japan (up to 28%), and India (up to 26%). While the percentage of events attributed to API and bot-related security incidents was lower in the United States, 66% of all reported events related to vulnerable APIs or automated abuse by bots occurred within the country.

Reliance on APIs will continue to grow exponentially, driving connections to generative AI applications and large language models, adds Singh. At the same time, generative AI will also empower cybercriminals to create sophisticated bots at an accelerated and alarming rate. As API ecosystems expand and bots become more advanced, organizations should anticipate a significant rise in the economic impact of automated API abuse by bots unless proactive measures are taken.



Additional Information:

Download a copy of the The Economic Impact of API and Bot Attacks report for additional insights on the business impact of API and bot-related security incidents.

See how Imperva Advanced Bot Protection and API Security can protect websites, applications, and APIs from automated attacks and without affecting the flo
LINK: https://www.thalesgroup.com/en/worldwide/defence-and-security/press_re...
See more stories from thales

Europe Stories

05/01/2027

Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be demoed at CES 2026

Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be ...

07/10/2026

Dalet Flex LTS Delivers Smarter Media Operations from Ingest to Distribution

Dalet, a leading technology and service provider for media-rich organizations, today announced the latest Long-Term Supported (LTS) release of Dalet Flex. Build...

06/09/2026

Dolby and MagentaTV Bring Fans Closer to the FIFA World Cup 2026 in Germany with Dolby Vision and Dolby Atmos

June 9 2026, 23:00 (PDT) Dolby and MagentaTV Bring Fans Closer to the FIFA Worl...

04/08/2026

Dalet Announces Commercial Availability of Dalia, Bringing Media-Aware Agentic AI to Enterprise Productions

Dalet, a leading technology and service provider for media-rich organizations, t...

12/07/2026

Korg NTS-4: DIY analogue performance mixer

Offers six-channels and built-in effects Korg's latest release introduces a new analogue mixer that's been designed to act as a hub for live electro...

11/07/2026

Handcrafted Mallets from Handcrafted Audio

Promises a vividness and depth rarely found in software Switzerland-based Handcrafted Audio's latest creation is an interesting hybrid instrument that...

10/07/2026

AES Show Nashville: Early Bird registration opens

Discounted rates available through 27 August 2026 The Audio Engineering Society (AES) have announced that Early Bird registration is now open for the AES Sh...

10/07/2026

Sony introduce the IER-M500

New in-ear monitors to launch in August 2026 Sony have announced the upcoming launch of a new pair of in-ear monitors that promise to deliver a secure, stab...

10/07/2026

New RT documentary explores Irish-led efforts to build bridges

New RT documentary explores Irish-led efforts to build bridges in divided Cyprus More than a Game: From D1 to Pyla airs Monday 13 July More Than a Game: Fro...

09/07/2026

Universal Audio Black Box HG-2 & elysia karacter

Latest analogue-emulation plug-ins revealed Universal Audio have just added two new analogue-emulation plug-ins to their DSP-powered UAD line-up. Developed ...

09/07/2026

Neumann launch U 47 FET Bon Scott Edition

Limited-edition mic celebrates rock icon Neumann have partnered with the Bon Scott Estate to create a limited-edition version of the U 47 FET that honours b...

09/07/2026

Plugin Station: Plug-in management software

Handles organisation, updates, troubleshooting & more Created by pro-audio software developer Julian Worden, Plugin Station from Julian Michael Technologies...

09/07/2026

LANDR expand Fair Trade AI programme

Introduces new $1 million advance programme LANDR have just announced the next phase of their Fair Trade AI programme, a pioneering opt-in music-licensing p...

09/07/2026

Spitfire Audio expand low-cost Originals range

Four new titles now available Spitfire Audio have just introduced four new titles in their Originals range, bringing the total count of libraries in the low...

09/07/2026

The Search for Leah Croucher: A Parent's Nightmare for U and U&W

Years in the making, this intimate documentary draws on rare access to Leah Crouchers family to tell the story behind one of Britains most high-profile missing ...

09/07/2026

Enjoy Gigafast speeds and Ultimate TV pack for less

Thursday 9 July 2026 Enjoy Gigafast speeds and Ultimate TV pack for less The latest deals have dropped from Sky TV and Sky Broadband, the award-winning provid...

09/07/2026

Local campaigns with impact

Hands up who would like to dress up as a giant crisp packet? The call that went out across the agency as our anti-litter campaign, Wish you weren't here fo...

08/07/2026

Universal Audio introduce Black Box HG-2 & elysia karacter

Latest analogue-emulation plug-ins revealed Universal Audio have just added two new analogue-emulation plug-ins to their DSP-powered UAD line-up. Developed ...

08/07/2026

Pitch Innovations release Loop2Kit

Turn any audio loop into a playable kit Pitch Innovations have recently introduced an interesting new tool that's capable of creating playable kits from...

08/07/2026

MonkeyC update Rando sampler plug-in

Adds new keyboard-split function MonkeyC have recently launched an update that overhauls their powerful software sampler. Described as the sampler that mad...

08/07/2026

Strymon unveil the TimeLine MX

Four new delay algorithms & dual-engine functionality Strymon have just announced that the much-anticipated MX version of their hugely popular delay pedal i...

08/07/2026

Rohde & Schwarz and China Mobile Research Institute jointly demonstrate generative AI user experience testing

Rohde & Schwarz and China Mobile Research Institute jointly demonstrate generati...

08/07/2026

Hong Kong Jockey Club Expands Intercom Infrastructure With Riedel Artist-1024 and 1200 Series SmartPanels

Wuppertal July 8, 2026 Hong Kong Jockey Club Expands Intercom Infrastructure W...

08/07/2026

RT to air award-winning documentary TESTIMONY

Film follows the courageous fight for justice by survivors of Ireland's Magdalene Laundries & Mother and Baby Homes TESTIMONY airs Wednesday 22 July at 9...

07/07/2026

Open call: Apply for the Media Innovation Europe Validation Booster

Applications are now open for the Validation Booster, a six-month acceleration programme supporting journalists, media organisations, content creators, media in...

07/07/2026

Mix Buddy instrument mixer from Heritage Audio

New mixer aimed squarely at instrument-level sources Heritage Audio have clearly been busy recently, as alongside their all-new Tubestrip, they've also ...

07/07/2026

Heritage Audio unveil the Tubestrip

New channel strip combines popular hardware designs The latest arrival to the Heritage Audio line-up brings together a selection of their praised hardware d...

07/07/2026

Clear-Com Powers Ross Production Services Mobile Productions

eds3_5_jq(document).ready(function($) { $(#eds_sliderM519).chameleonSlider_2_1({ content_source:......

07/07/2026

Toby Regbo, Harry Gilby and Jessica Barden lead cast for The Cadburys - the true story of the Cadbury family - with filming now underway in Birmingham

UKTV commission with BritBox and Sony Pictures Television and inspired by Deborah Cadbury's book, Chocolate Wars The six-part series is produced by Fable P...

07/07/2026

Record audiences tune into the ICC Womens T20 World Cup 2026 on Sky Sports

Tuesday 7 July 2026 Record audiences tune into the ICC Women's T20 World Cup 2026 on Sky Sports The ICC Women's T20 World Cup 2026 was the most watche...

07/07/2026

Official trailer released for Fightland, a revenge drama from executive producer Curtis 50 Cent Jackson coming August to Sky and NOW

Tuesday 7 July 2026 Official trailer released for Fightland, a revenge drama fr...

07/07/2026

Riedel and ARRI Bring Cinematic Live Production to the Eurovision Song Contest

Wuppertal July 7, 2026 Riedel and ARRI Bring Cinematic Live Production to the Eurovision Song ContestRiedel Communications and ARRI played a key role in one o...

07/07/2026

Patrick Kielty in The Late Late Chair until 2028

To Whom It Concerns RT today confirmed that Patrick Kielty is to extend his contract as host of The Late Late Show. Last season, the world's longest-runn...

06/07/2026

Synth Anthology 5 From UVI

Bundle gains 100 new synths & more Synth Anthology 5 the largest and most feature-packed edition of UVI's hardware synth emulation bundle, bringing toge...

06/07/2026

MOTU 16A, 848 & 10pre gain Milan certification

Available now via free firmware update MOTU have just announced that three of their popular audio interfaces now boast official Milan Certification. The 16A...

06/07/2026

Rohde & Schwarz completes Hunter Preliminary Design Review for the Integrated Communications System

Rohde & Schwarz completes Hunter Preliminary Design Review for the Integrated Co...

06/07/2026

The R&S IMAGER from Rohde & Schwarz uses millimeter wave imaging to inspect the quality of packaged goods in real time

The R&S IMAGER from Rohde & Schwarz uses millimeter wave imaging to inspect the ...

06/07/2026

Sky Kids unveils new slate for 2026 including Paris Hiltons animated series, Paris & Pups

Monday 6 July 2026 Sky Kids unveils new slate for 2026 including Paris Hilton&#...

06/07/2026

Sky agrees to acquire ITV Media & Entertainment, creating a commercial streaming champion for the UK

Monday 6 July 2026 Sky agrees to acquire ITV Media & Entertainment, creating a ...

06/07/2026

Pico Lopes joins RT's FIFA World Cup 2026 Live panel

Fresh from his World Cup heroics with Cabo Verde, Roberto Pico' Lopes will join the RT panel for Argentina v Egypt tomorrow and for the England v Norway q...

06/07/2026

New RT documentary The Girl in the Water follows one family's search for answers following the death of their 23-year-old daughter

A death can be unsuspicious, but it has to be explained What happened to Ke...

05/07/2026

Free Behringer Synth Editor

Browser-based and desktop apps available Digital Sunset Studios have been busy working on an interesting project: a free software tool that provides compute...

04/07/2026

Rhodes to launch the MK8/80AE

Celebrates company's 80th anniversary Rhodes have recently revealed that they will be producing a limited run of electric pianos in celebration of their...

04/07/2026

** MEDIA ALERT **BLEACH: THOUSAND-YEAR BLOOD WAR - THE CALAMITY Continues Its Momentum at Anime Expo

** MEDIA ALERT ** BLEACH: THOUSAND-YEAR BLOOD WAR THE CALAMITY Continues I...

04/07/2026

** MEDIA ALERT ** VIZ Media Unveils New Anime Slate at Anime Expo 2026 with MAO, RWBY, and BLACK TORCH Updates

** MEDIA ALERT ** VIZ Media Unveils New Anime Slate at Anime Expo 2026 with ...

04/07/2026

Detective Conan: Fallen Angel of the Highway Opens in Dolby Cinemas Across Japan, Presented in Dolby Atmos and Dolby ...

April 7 2026, 19:00 (PDT) Detective Conan: Fallen Angel of the Highway Opens in...

03/07/2026

VSL reveal Synchron Brass (muted)

New bundle & three Single Packs Continuing to expand their already sizeable orchestral collection, VSL's latest release introduces three new Single Pack...

03/07/2026

London Symphony Orchestra upgrade LSO St Luke's

Venue installs new ATC-equipped control room LSO St Luke's, a unique music venue that also serves as the home of the London Symphony Orchestra, have rec...

03/07/2026

2023

1 February 2023 SHARE Facebook Twitter Linkedin Email Munich, Germany, 1st February 2023: Cinegy GmbH, the premier provider of software technology for digit...