Vulnerable APIs and Bot Attacks Costing Businesses up to $186 Billion Annually
18/09/2024
API insecurity and automated abuse by bots responsible for up to 11.8% of cyber events and losses globally
Bot-related security incident count rose 88% in 2022 and 28% in 2023
Insecure APIs result in up to $12 billion more in losses than they did in 2021
@Thales Imperva, a Thales company, the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, releases the Economic Impact of API and Bot Attacks report. The analysis of more than 161,000 unique cybersecurity incidents and investigates the rising global costs of vulnerable or insecure APIs and automated abuse by bots, two security threats that are increasingly interconnected and prevalent. The report estimates that API insecurity and bot attacks result in up to $186[1] billion for businesses around the world.
The report is based on a study conducted by the Marsh McLennan Cyber Risk Intelligence Center which found that larger organizations were statistically more likely to have a higher percentage of security incidents that involved both insecure APIs and bot attacks. Enterprises with revenues of more than $1 billion were 2-3x more likely to experience automated API abuse by bots than small or mid-size businesses. The study suggests that large companies are particularly vulnerable to security risks associated with automated API abuse by bots because of complex and widespread API ecosystems that often contain exposed or insecure APIs.
Enterprises rely heavily on APIs to enable seamless communication between diverse applications and services. Data from Imperva Threat Research finds that the average enterprise managed 613 API endpoints in production last year. That number is growing rapidly as businesses face mounting pressure to deliver digital services with greater agility and efficiency.
Due to this increased reliance and their direct access to sensitive data, APIs have become attractive targets for bot operators. In 2023, automated threats accounted for 30% of all API attacks, according to data from Imperva Threat Research. Today, automated API abuse by bots costs organizations up to $17.9 billion of losses annually. As the number of APIs in production multiplies, cybercriminals will increasingly use automated bots to find and exploit API business logic, circumvent security measures, and exfiltrate sensitive data.
It's imperative that businesses across the world address the security risks posed by insecure APIs and bot attacks, or they face a substantial economic burden, says Nanhi Singh, General Manager of Application Security at Imperva, a Thales company. The interconnected nature of these threats necessitates that companies take a holistic approach, integrating comprehensive security strategies for both bot and API attacks.
Some of the key trends identified in the report include:
Increased API adoption and usage is growing the attack surface: The rapid adoption of APIs, inexperience of many API developers, and lack of collaboration between security and development teams has led insecure APIs to now result in up to $87 billion of losses annually, a $12 billion increase from 2021.
Bots negatively impact organizations' bottom line: The widespread availability of attack tools and generative AI models has enhanced bot evasion techniques and enabled even low-skilled attackers to launch sophisticated bot attacks. Up to $116 billion of losses annually can be attributed to automated attacks by bots.
API and bot-related security incidents are becoming more frequent: In 2022, API-related security incidents rose by 40%, and bot-related security incidents spiked by 88%. These increases were fueled by a rise in digital transactions, the expanding use of APIs, and geopolitical tensions like the Russia-Ukraine conflict. In the following year 2023, as digital traffic began to stabilize and the pandemic-driven surge in internet activity subsided, the frequency of these incidents moderated. API-related security incidents grew by 9%, while bot-related security incidents jumped by 28%. The overall upward trend in attacks highlights the growing persistence and frequency of these threats.
Insecure APIs and bot attacks pose a significant threat to large enterprises: Companies with revenue of at least $100 billion are most likely to suffer security incidents related to insecure APIs or bot attacks. These threats constitute up to 26% of all security incidents experienced by such businesses.
Countries around the globe are vulnerable to API and bot attacks: Brazil experienced the highest percentage of events related to insecure APIs or bot attacks, with the threats accounting for up to 32% of all observed security incidents. This was closely followed by France (up to 28%), Japan (up to 28%), and India (up to 26%). While the percentage of events attributed to API and bot-related security incidents was lower in the United States, 66% of all reported events related to vulnerable APIs or automated abuse by bots occurred within the country.
Reliance on APIs will continue to grow exponentially, driving connections to generative AI applications and large language models, adds Singh. At the same time, generative AI will also empower cybercriminals to create sophisticated bots at an accelerated and alarming rate. As API ecosystems expand and bots become more advanced, organizations should anticipate a significant rise in the economic impact of automated API abuse by bots unless proactive measures are taken.
Additional Information:
Download a copy of the The Economic Impact of API and Bot Attacks report for additional insights on the business impact of API and bot-related security incidents.
See how Imperva Advanced Bot Protection and API Security can protect websites, applications, and APIs from automated attacks and without affecting the flo
LINK: | https://www.thalesgroup.com/en/worldwide/defence-and-security/press_re... |
See more stories from thales |
Europe Stories
09/12/2024
Dalet Named an IDC Innovator in Media and Entertainment
Dalet, a leading technology and service provider for media-rich organizations, today announced that it has been named an IDC Innovator in the IDC Innovators: ...
09/11/2024
Dalet Expands Leadership Team to Fuel Next Stage of Growth
Dalet, a leading technology and service provider for media-rich organizations, today announced three new members of its executive team. Tara Bryant joins as Chi...
15/10/2024
Making the dragons fly
Martin Pelletier, visual effects supervisor at Rodeo FX, explains how House of the Dragon's fantastic flying beasts are able to take to the air By Matthew ...
15/10/2024
Adobe adds Gen AI video extension capabilities to Premiere Pro
The company has also unveiled updates to Frame.io and plans to help 30 million people develop AI literacy and content creation skills by 2030 By Jenny Priestle...
15/10/2024
Watch: What caught our AI at IBC
Watch a panel featuring TVBEuropes content director Jenny Priestley discuss some of the biggest talking points from IBC2024 By TVBEurope Staff Published: Oct...
15/10/2024
Ofcom extends Channel 4's licence for a further decade
The new licence is designed to support Channel 4's digital content and distribution strategy, while safeguarding its investment in UK content, said Ofcom B...
15/10/2024
2024-10-15
CUPERTINO, CALIFORNIA Apple today introduced the new iPad mini, supercharged by the A17 Pro chip and Apple Intelligence, the easy-to-use personal intelligence s...
15/10/2024
Thales radios successfully tested by the German Armed Forces to be deployed within the NATO enhanced Forward Presence
Facebook Twitter LinkedIn The German Armed Forces conducted operational te...
15/10/2024
KNDS selects Thales Power Systems Solution for the Leopard 2 A8
Facebook Twitter LinkedIn KNDS awarded Thales a contract to deliver compact, programable and scalable High-Power Solid-State Power Distribution Boards (SS...
15/10/2024
Thales Alenia Space signs a contract with OHB to develop two radar instruments for ESA's 10th exciting new Earth Explorer Harmony mission
Facebook Twitter LinkedIn Leveraging its longstanding experience in radar-...
15/10/2024
RT Player debuts new original sitcom Good Boy exploring comedy, career and coming to terms with ADHD
RT Player debuts new original sitcom Good Boy exploring comedy, career and comi...
14/10/2024
Spotify Launches Audiobooks in France, Belgium, the Netherlands, and Luxembourg-and Premium Listeners Get Instant Access
Since its launch just over a year ago, Spotify's Audiobooks in Premium offer...
14/10/2024
RADAR Artists Give FC Barcelona an Assist With Their Matchday Takeover
Through our first-of-its kind partnership, Spotify and FC Barcelona are committed to uniting the worlds of music and sport. And when the Bar a men's squad r...
14/10/2024
UK creative industries named as growth driver' in government's Industrial Strategy
A green paper published today outlines the governments aim to attract investment...
14/10/2024
ESPRIT module for Lunar Gateway orbital outpost set for a significant upgrade
Facebook Twitter LinkedIn Thales Alenia Space and ESA sign contract amendment to extend and optimize ESPRIT module Milan, October 14, 2024 - Thales Aleni...
14/10/2024
VEON Announces Plan to Move its Headquarters to Dubai International Financial Center
14 Oct 2024 VEON Announces Plan to Move its Headquarters to Dubai International...
14/10/2024
VEON appoints Andrey Pyatakhin as the incoming CEO of Beeline Uzbekistan
14 Oct 2024 VEON appoints Andrey Pyatakhin as the incoming CEO of Beeline Uzbekistan Amsterdam and Tashkent, 14 October 2024: VEON Ltd. (Nasdaq: VEON, Euronext...
14/10/2024
IEC, ISO and ITU launch the 2025 International AI Standards Summit
Setting the standard for responsible AI: 2025 International AI Standards Summit announced this World Standards Day The International Organization for Standar...
14/10/2024
RT airs compelling new documentary Anorexia, My Family & Me'
A powerful, new television programme on eating disorders entitled Anorexia, My Family & Me will air tonight at 9:35pm on RT One and RT Player. The compelling...
14/10/2024
RT Radio 1 Folk Awards to take place on Wednesday 26th February 2025, Vicar Street, Dublin
RT Radio 1 Folk Awards to take place on Wednesday 26th February 2025, Vicar Str...
14/10/2024
RT Documentary On One success at European Awards
RT Documentary on One has been honoured with prizes in two individual categories at the 2024 Prix Europa Awards in Berlin. Last Friday night in Berlin, RT Do...
11/10/2024
Spotify Teams Up With A BATHING APE for a Celebration of Music and Streetwear
Earlier this year, Spotify teased a new partnership with A BATHING APE (BAPE), and now both brands are coming together to celebrate the styles and sounds that...
11/10/2024
Inside Spotify's Partnership With UK Rapper Dave's Annual Football Tournament, Santan Cup
On and off the pitch, Spotify celebrates the culture around football. Since 2022...
11/10/2024
Watch: Oscar-winner Edward Berger discusses new film shot in Apple Immersive Video
Apple Immersive Video leverages ultra-high-resolution 3D video and Spatial Audio...
11/10/2024
2024-10-10
Today, Apple revealed new episodes, films, series, and music performances captured in Apple Immersive Video that will debut on Apple Vision Pro for free. Apple ...
11/10/2024
Oireachtas Media Awards 2024 | RT shortlisted
The shortlist for the 2024 Oireachtas Media Awards was announced earlier this week and RT has secured 21 nominations across the 13 categories, featuring teams ...
11/10/2024
The Real Carrie Jade | Soundtrack released as stand alone original album
The soundtrack to the hugely successful podcast series The Real Carrie Jade has just been released as a stand-alone original album. Following on from soundtrack...
11/10/2024
RT and Kite Entertainment Seek Applicants for Traitors Ireland
RT today announced that it has commissioned Traitors Ireland, the hit series which enthralled audiences across the world including award-winning versions in th...
10/10/2024
Celebrate Five Years of Corridos Tumbados With Our New Spotify Single
Since the Mexican Revolution at the beginning of the 20th century, one particular style of music has served as a form of cultural storytelling for the Mexican p...
10/10/2024
Celebra cinco aos de corridos tumbados con nuestro nuevo Spotify Single
Desde la Revoluci n Mexicana a principios del siglo XX, un estilo musical en particular ha servido como forma de narraci n cultural para el pueblo de M xico: el...
10/10/2024
Beyond the Sound
Home Applications Beyond the Sound Louis James-ParkerLouis James-Parker is an award-winning freelance filmmaker, videographer, director, cinematographer, a...
10/10/2024
Real SFX opens at Bottle Yard, wins green business award
The special effects company joins more than 15 businesses based at the Bristol creative hub By Matthew Corrigan Published: October 10, 2024 The special ef...
10/10/2024
How BBC Studioworks built a flyaway kit for It Takes Two
TVBEurope talks to the team at BBC Studioworks about the technology included in a new flyaway kit for BBC Twos Strictly Come Dancing spin-off, It Takes Two By ...
10/10/2024
SMPTE appoints Sally-Ann D'Amato as interim executive director
DAmato joined SMPTE in 2001, rising to become director of events and governance liaison in 2016 By Jenny Priestley Published: October 10, 2024 Updated: Oct...
10/10/2024
Pixel Power expands software-defined media product portfolio
The company, which is now being led by Thorsten Sauer, has taken over management of networked multiviewer and monitoring platform R&S Prismon By Jenny Priestle...
10/10/2024
HMS Networks expands range of embedded communication interfaces with the Anybus CompactCom B40 Mini
HMS Networks expands range of embedded communication interfaces with the Anybus ...
10/10/2024
FIRST LOOK images released for Alibi and S4C's upcoming legal crime drama, Mudtown
UKTV today releases a selection of first look images for the upcoming U&Original...
10/10/2024
Patented antenna digital twin solution from Rohde & Schwarz and IMST optimizes automotive connectivity
Patented antenna digital twin solution from Rohde & Schwarz and IMST optimizes a...
10/10/2024
CODA is King in the Castle
The Wasserschloss Klaffenbach in Chemnitz, Germany, is a sixteenth-century moated castle which this summer provided a stunning location for a series of four out...
10/10/2024
Dara Briain, Angela Scanlon and Jason Donovan join Friday night's Late Late Show
WATCH INSTAGRAM CLIP Here is your host, Patrick Kielty! Irish comedian and tel...
09/10/2024
Take a Beat and Tune In to Nature for World Mental Health Day
Research shows that nature sounds can have a positive impact on your mental health. So, this World Mental Health Day, we're inviting you to take a beat and ...
09/10/2024
Introducing the RADAR Creators U.S. Class of 2024
Discovery is at the heart of what we do at Spotify, and since 2020, our RADAR program has helped introduce rising artists, burgeoning songwriters, and promising...
09/10/2024
A Collaboration With Panavision: Giovanni Ribisi
Giovanni Ribisi began acting when he was 9 years old, and in the decades since, he's appeared in projects as varied as Boiler Room, Gone in 60 Seconds, Lost...
09/10/2024
IBC 2024 - A Show with Pace and Purpose
Streaming security, consumer engagement, and consumer cybersecurity were top of mind in NAGRAVISION's IBC 2024 showcase, as highlighted by Tim Pearson in ou...
09/10/2024
Introducing Lucia
Everything you need to know about Lucia, BLAM's new AI assistant. The Blue Lucy team introduced BLAM's new AI assistant, Lucia to the media and enterta...
09/10/2024
Pinewood Studios to open new Indie Film Hub in 2025
The hub will provide filmmakers with access to the Pinewood Studios ecosystem from camera hire to drone photography and post production By Jenny Priestley Pu...
09/10/2024
SMPTE awards Marina Kalkanis Presidential Proclamation
The award was established in 1982 and recognises individuals of established and outstanding status and reputation in the motion picture and television industrie...
09/10/2024
TVBEurope October/November 2024 issue out now
The latest issue includes features on the US presidential election, IBC2024 Best of Show Awards winners and tackling the industry skills gap By Matthew Corriga...
09/10/2024
Government inquiry for Marlow Film Studios
The company remains confident in the strength of its case, which, it said, includes significant investment benefits to the local and national economy By Matth...