Triple-digit Increase in API and App Attacks on Tech and Retail

Written by

Last year was a record-breaker in terms of API and application-based attacks on the EMEA retail sector, with detected threats surging 189%, according to Akamai.

The security vendor’s State of the Internet report was compiled in part from intelligence gathered from 340,000 servers in 4000 locations on 1300 networks in 134 countries.

It also found a significant spike in attacks last year across the high-tech (176%) and social media (404%) sectors in EMEA.

Globally, the financial services sector also saw an increase in attacks on 2021 figures, although in the UK recorded threats declined by 4%, making this the only region to experience a decrease in this vertical.

Akamai suggested that this could be down to threat actors targeting individual account holders rather than large banking institutions.

“Cyber-criminals continue to follow the money, and it is no surprise that application and API attacks on the commerce sector have continued to be on the rise in EMEA,” said Richard Meeus, director of security technology and strategy EMEA at Akamai.

“An interesting insight is that there has been a decline in attacks in the finance sector in the UK, which is countered by a rise in attacks on individual customers. Banks should be on the lookout for scams and take full precautions to help defend their customers: Forewarned is forearmed.”

Read more on web attacks: Web App and API Attacks Surge 257% in Financial Services.

Retail, high tech and financial services remained by far the most popular targets for web attacks in 2022, accounting for over 70% of total detected threats during the year.

Elsewhere, attacks on the healthcare industry globally surged 55% from 2021 to 2022, driven by greater adoption of IoT equipment which has expanded organizations’ attack surfaces, Akamai claimed.

More generally, post-pandemic digital transformation has led organizations across verticals to invest in more web applications and APIs, exposing them to elevated cyber risk.

The report also found that Local File Inclusion (LFI) remained the top attack vector in EMEA, with attacks growing 115% from 2021 to 2022. Globally they surged by even more – 193% year-on-year.

What’s hot on Infosecurity Magazine?