App cyberattacks jump 137 per cent, with healthcare, manufacturing hit hard

Local file intrusions and broken object-level authorisation top application and API-related threat vectors, respectively, according to Akamai customer survey.

An analysis of customer data collected by content delivery network and internet services giant Akamai found that attacks targeting web applications rose by 137% over the course of last year, as the healthcare and manufacturing sectors in particular were targeted with an array of API and application-based intrusions.

Local file intrusions — in which attackers spoof a web application in order to either execute code remotely on a web server or gain access to files that they shouldn’t — were the most common attacks seen against Akamai’s customers in 2022, and the company warns that its high level of popularity means that it’s a technique that likely remains common in 2023.

“The rise in LFI means the attackers are having success using it, so you should prioritise testing to see if you are vulnerable,” the report said.

Local file intrusions (LFIs) rise by 193%

LFI-based attacks grew by 193% between 2021 and 2022, in no small part because PHP-based websites are generally vulnerable to them. Eight out of 10 websites run the PHP scripting language, according to the report.

Overall levels of web application attacks were substantially higher in 2022 than in 2021, averaging less than 50 million per day in 2021 and closer to 100 million in 2022.

“[Attackers] are using LFI to gain access and they’re doing so with growing frequency,” said Steve Winterfeld, advisory CISO at Akamai.

On the API side, the top-ranked vulnerability cited by Open Web Application Security Project (OWASP) is now BOLA, or broken object-level authorisation. This flaw can allow attackers to manipulate the ID of an object in an API request, in effect letting unprivileged users read or delete another user’s data.

Akamai said that this is a particularly high-risk attack, given that it doesn’t require any particular degree of technical skill to execute, and intrusions resemble normal traffic to most security systems.

“The detection logic must differentiate between 1-to-1 connections and 1-to-many connections among resources and users,” the report said. “Post-event, BOLA attacks are difficult to see because of their low volume, and they do not show a strong indication of any behavioral anomalies, such as injection or denial of service.”
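The BOLA flaw described above and the 1-to-1 versus 1-to-many detection idea in the quoted passage, as an added illustration that is not taken from the Akamai report: a request handler that trusts the object ID in the request beside one that checks ownership, plus a log heuristic that flags users touching objects they do not own. The records, users and log entries are constructed.

```python
"""Constructed example of a broken object-level authorisation (BOLA) flaw
and a simple post-event log heuristic. Not Akamai's or OWASP's code; all
records, users and log entries are made up for illustration."""
from collections import defaultdict

# Constructed data store: object id -> owner and payload
RECORDS = {
    101: {"owner": "alice", "note": "alice's prescription"},
    102: {"owner": "bob", "note": "bob's prescription"},
    103: {"owner": "bob", "note": "bob's lab result"},
}


def get_record_bola(user, record_id):
    """Vulnerable: trusts the id supplied in the request and never checks
    that the caller owns the object, so any authenticated user can read
    any record just by changing the id."""
    return RECORDS.get(record_id)


def get_record_checked(user, record_id):
    """Hardened: the object-level check binds the object to the caller.
    Unknown and foreign ids are answered identically (None, a 404-style
    denial) so the response does not reveal whether the id exists."""
    rec = RECORDS.get(record_id)
    if rec is None or rec["owner"] != user:
        return None
    return rec


# Constructed access log: (authenticated user, object id requested)
ACCESS_LOG = [
    ("alice", 101), ("bob", 102), ("bob", 103),
    ("alice", 102), ("alice", 103), ("alice", 104),
]


def flag_one_to_many(log, threshold=2):
    """Flag users whose requests touch at least `threshold` distinct ids
    they do not own: a user-to-resource relation that should be 1-to-1
    turning 1-to-many. Returns {user: sorted foreign ids}."""
    seen = defaultdict(set)
    for user, rid in log:
        seen[user].add(rid)
    flagged = {}
    for user, ids in seen.items():
        owned = {rid for rid, rec in RECORDS.items() if rec["owner"] == user}
        foreign = ids - owned
        if len(foreign) >= threshold:
            flagged[user] = sorted(foreign)
    return flagged
```

Note that the vulnerable handler produces no error and no unusual payload, which is why the heuristic has to work on the relationship between users and object ids rather than on the content of any single request.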

One vertical that might find itself particularly in the crosshairs of web application and API attackers in 2023 includes healthcare, which has seen an influx of new devices under the internet of medical things aegis, and an associated app and API ecosystem spring up around them, Akamai said. Another is manufacturing, which, similarly, has seen IoT devices and associated systems proliferate, leading to a 76% increase in median attacks in 2022.

Akamai urged all users to be cognizant of the growing threat posed by application- and API-based attacks and update organisational playbooks used for coping with them.
