Moneycontrol PRO
you are here: HomeNewsBusiness

Over 193 million cyber attacks on APIs in India between December '21 and April 22: Akamai

Akamai attributed the rise in attacks on APIs in the financial sector to the embracing of Open Banking in India’s banking system

June 28, 2022 / 08:12 PM IST

Between December 2021 and February 2022, India experienced a total of 193,510,152 cyber attacks on application programme interfaces (APIs), softwares that allow two applications to interface, making it the 5th most attacked country in the world, data by cybersecurity company Akamai said.

Other countries with more API attacks during that period were the USA, Germany, Australia and United Kingdom, Akamai said.

Screenshot 2022-06-28 020345Most of the cyberattacks in India, Akamai found, were concentrated on financial, e-commerce and other digital media sectors. While financial services counted for 22.6 % of the attacks, e-commerce was at 30.2 % and other digital media such as social media etc at 32.6 %.

Screenshot 2022-06-28 020928

In a conversation with Moneycontrol, Director of Security Technology and Strategy, APJ, at Akamai Dean Houari attributed the rise in attacks on APIs in the financial sector to the embracing of Open Banking in India’s banking system.

Close

“What we've noticed is that India is now a leading API economy, and actually it is the leader when it comes to using API's in banking and e-commerce and across other industries. It has also been pushed because of open banking regulation etc.”

“As a consequence, what we've noticed is that 90% of traffic, be it consumer to application or business to business, is API based. Obviously, the attackers have taken note and are switching to these types of attacks,” Houari said.

However, before we go any further, what are APIs, and why has there been a major push towards its adoption?

Houari explained that APIs are preferred because they have no proprietary protocol, and businesses don’t have to write their code. They could simply use an API, which is based on open code – meaning anyone can use it.

He explained that the primary API that is majorly in use in India and in other places is the REST API. “REST API is essentially used to communicate with HTTP as a protocol. In HTTP, which is the most widely used on the web  meaning, you know, a user sends a request, to send information or receive information. And that’s where the danger comes in…”

Houari explained that hackers can inject malicious code in APIs. “When an API sends a request, the request can be very well valid, but a hacker can play with the code and inject a malicious file,” he said.

Between the timeframe, Akamai also recorded two major spikes in attack frequency. The first, in December, coincided with the discovery of a vulnerability in log4j, a logging library built on popular coding language Java and embedded in countless Java applications and services.

Screenshot 2022-06-28 021048

Local file injection

Akamai’s research also found that the majority  of the hacks on APIs in India were not SQL injection, but were local file injections (LFI). SQL is a database query language, through which hackers can insert commands to access databases and receive data.

Whereas, Houari explained, LFI is an attack technique where the attacker tries to trick a web application into running or exposing files on a web server.

“For example, when a web page receives as input the path to a file with unsanitized content, the server would allow the content of the file to run as part of the web application code. This enables the attacker to remotely execute malicious code such as malware, which could be the first stage of a ransomware attack,” Houari said.

What's the solution?

Apart from the push in adoption of APIs, Houari also pointed towards developers who do not have API security in mind while building applications, as a reason behind the rise in such attacks.

"The rapid adoption of DevOps as part of the software development life cycle has also increased the use of APIs for platform management and integration. The risk of exposing API keys or sensitive data shared on open-source repositories like GitHub has become a serious risk. Most developers do not have API security in mind when building their applications and it is critical for businesses to adopt a security strategy to secure all their public and private APIs," Houari said.

He recommended developers to adopt a security first approach in the development of APIs. "Developers should adopt security checks from code to runtime with code inspection and API validation," he said.

 
Aihik Sur covers tech policy, drones, space tech among other beats at Moneycontrol
first published: Jun 28, 2022 09:36 am
Sections
ISO 27001 - BSI Assurance Mark