The cyber danger hiding in plain sight: Understanding the API attack
In early January 2021, the social network Parler was given 24 hours notice that Amazon was removing their account from its AWS hosting service.
The short-notice shutdown proved an ample window for hackers to gain access to Parler’s database, using API (Application Programming Interface) weaknesses. The hackers proceeded to download over 70TBs of Parler metadata. To date, it’s the single biggest API attack to take place, and happened right under the watchful eye of Parler.
API is a software intermediary that enables apps and tools to respond to each other. APIs provide resources for developers, enabling them to extract and share data in an accessible way. Most businesses are using various forms of API and, because of the rapid growth of new attack forms and technology, API security has become a major cause for concern amongst security experts.
How a business’s biggest tool can be its gravest danger
Most businesses are unaware of the possibility of an API attack, mainly due to a lack of knowledge of APIs, how they work and how they’re vulnerable to attack. Simply put, they are the main gateway to organisational data and critical assets.
APIs usually document information about their structure and methods of implementation – effectively a guide on their function and how to use them. Attackers can use this information to infiltrate and gain access. More common vulnerabilities include poor authentication and a lack of encryption, which leads to two other kinds of attack: Man in the Middle (MITM) and Distributed Denial of Service (DDoS) attacks.
API attacks will be the most common form of attack for businesses in 2022
According to Gartner, API attacks are set to become the most prolific kind, especially for data breaches of applications, business software and the tools in-between. It’s believed that around 40% of web enabled apps are going to have to fend off API attacks, as opposed to traditional interface attacks.
How you can safeguard your business against an API attack
- Utilise ‘push’ notifications: Businesses can enable a notification system which forwards alerts to a user’s phone. The user can set up this system when they engage the API for the first time. While it might not prevent an attack from taking place, it can alert the right person at the right time about a potential breach.
- Apply 2FA: It’s the safest form of authentication, creating space between access and the user credentials, and the ability to login. Notably with 2FA, users are sent one-time passwords (OTPs) and push notifications which helps create an extra layer at the attack point.
- Encrypt data: Another useful intervention is encrypting data. It doesn’t necessarily detract API attacks but it does mean that if attackers gain access to data, the data is meaningless to them unless they’re able to decrypt it.
- Rely on safe, encrypted cloud backup: While an API attack might not be preventable, it doesn’t need to totally disrupt your business. By leveraging the power of the cloud with a premium online service that can SSL-encrypt and fortify data within a storage facility separate from your production environment, you can have the attack contained and all critical operational data restored in almost no time.
Be aware of what’s hiding in plain sight
As new tools become available to help businesses improve how they operate, so do the opportunities for attackers to find new ways to breach using these tools. The API attack is a prime example. But, by utilising native security measures, along with a strong reliance on the power of encrypted cloud backup to safeguard data, the danger of the API can be minimised and ‘business as usual’ can be resumed.
