Report Shows 900% Increase in Shadow API Usage

Highlights:

• Approximately 45 billion shadow API searches were made in the second half of 2022, up from a much more modest five billion searches in the first half of 2022, according to Cequence.
• According to the researchers, most retooling attempts in the telecom sector involved completely novel tactics, techniques, and procedures, demonstrating threat tactics’ variety, sophistication, and persistence.

A recent report from API security firm Cequence Security Inc. reveals that in the second half of 2022, threats to “shadow” APIs will significantly grow.

The study focuses on the strategies, tactics, and practices threat actors use to target APIs used by businesses, consumers, and machines. It is based on an analysis of nearly one trillion transactions across several industries over the second half of 2022.

Shadow APIs increased by 900%, highlighting a lack of API visibility and is one of the significant results. Shadow APIs exist outside of the common management and security procedures for information technology. They frequently lack documentation, which poses dangers to governance and security.

Approximately 45 billion shadow API searches were made in the second half of 2022, up from a much more modest five billion searches in the first half of 2022, according to Cequence. Additionally, it was discovered that 68% of the organizations under study had exposed shadow APIs.

The number of unusual threats also significantly increased in the months before the holidays. By mid-November 2022, there were 11,000 unique threats reported by Cequence, up from about 2,000 in June.

Attackers have been observed combining API and web application security techniques more frequently. Attackers favored conventional application security measures from June to October 2022, but as the holidays drew near, there was a 220% increase in API security measures like anomalous traffic.

The telecom sector was a particularly notable target. According to the researchers, most retooling attempts in the telecom sector involved all new tactics, techniques, and procedures, demonstrating threat tactics’ variety, sophistication, and persistence.

According to the report, the threat landscape for APIs is constantly changing, and businesses must be vigilant in guarding against automated threats, such as bots and vulnerability exploits, by protecting their web applications and APIs. Traditional protection methods continue to offer an ineffective defense as attackers’ tactics become more sophisticated and API-specific.

Ameya Talwalker, Chief Executive of Cequence, said before the report’s release, “Our research is vital in providing organizations with the necessary tools and knowledge to mitigate attacks in real-time. By staying ahead of the curve and understanding the latest attack methods and tools, organizations can achieve complete API visibility and build the awareness and confidence needed to protect their APIs from even the most sophisticated attacks.”