API Attacks, an Evolving DDoS Attack to e-Business


Nexusguard reports that DDoS attacks will continue to evolve towards targeting customized applications, and suggests preventive measures to protect e-businesses.

An Application Programming Interface, commonly known as an API, is a specification intended to be used as an interface by software components to communicate with each other, in applications such as Google Maps, Yahoo Finance, Amazon Cloud Drive and in typical online stores.

Being an integral component of today’s websites, APIs are naturally becoming targets of attacks. Amazon Web Services, an API of Amazon, was reportedly affected by continuous API errors in June 2012 that caused severe outages and affected millions of users. In 2010, PayPal, another e-business giant, suffered from several critical API errors which eventually forced them to release an apology on their blog with the line “Sorry – your last action could not be completed”.

Frank Tse, Senior Researcher at Nexusguard, notes that there is an obvious trend of attacks shifting their focus towards APIs and causing denial of service, especially against public cloud service providers. “HTTP attacks have dominated the past 2 years, but we predict that API attacks are going to replace them in the coming year. The impacts of API attacks can be up to 10 times more effective than HTTP attacks.”

“For example, an HTTP GET attack is like refreshing a webpage quickly, while an API attack is like performing specially crafted keyword searches to use up and hog backend server resources to process the queries. When the rate of such searches exceeds a certain threshold, the website will no longer be able to serve legitimate customers. This attack will look totally legitimate at the HTTP layer but is in fact targeting the customized application, and it is an attack beyond Layer 7,” said Frank.

Frank added that API attacks are an evolving threat to e-business, and suggested three possible preventive measures.
1. API Validation: By validating application and user behavior, the system can profile all application elements and build a baseline of acceptable user behavior.
2. Usage Limitation: Limiting the usage of an API, for example by limiting the access rights of an IP address during a certain period of time.
3. Visibility and control for HTTPS: API attacks can be launched over HTTPS, with malicious packets staying encrypted until they hit the backend server. Enterprises should therefore equip themselves with detection systems capable of providing HTTPS visibility and control. This will allow systems to detect and filter all malicious packets before the attacks take down the APIs.
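The first two measures above, as an added example that is not Nexusguard's ClearWeb code or any product described in this release: a per-address sliding-window limiter (usage limitation) and a simple query-shape baseline (API validation), run over a constructed request log in which one address floods a search endpoint and another sends a single wildcard-heavy query of the kind the quote describes. The third measure is assumed rather than shown: the filter sits after TLS termination, so it sees plaintext requests. All class names, thresholds and the sample log are assumptions.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class ApiRequest:
    ts: float          # seconds; constructed values, not captured traffic
    client_ip: str
    endpoint: str
    query: str


class SlidingWindowLimiter:
    """Usage limitation: allow at most `limit` requests per client address
    within any `window`-second span (assumed thresholds for the demo)."""

    def __init__(self, limit: int, window: float) -> None:
        self.limit = limit
        self.window = window
        self._hits = defaultdict(deque)   # client_ip -> timestamps in window

    def allow(self, client_ip: str, ts: float) -> bool:
        hits = self._hits[client_ip]
        # Drop timestamps that have aged out of the window.
        while hits and ts - hits[0] >= self.window:
            hits.popleft()
        if len(hits) >= self.limit:
            return False
        hits.append(ts)
        return True


class QueryBaseline:
    """API validation: a fixed profile of what an acceptable search query
    looks like. A real baseline is learned from legitimate traffic; the
    length and wildcard limits here are assumptions."""

    def __init__(self, max_len: int = 64, max_wildcards: int = 2) -> None:
        self.max_len = max_len
        self.max_wildcards = max_wildcards

    def conforms(self, query: str) -> bool:
        return len(query) <= self.max_len and query.count("*") <= self.max_wildcards


def filter_requests(requests, limiter, baseline):
    """Label each request 'accepted', 'rate_limited' or 'bad_shape'.
    The rate check runs first so a flood is stopped before any query parsing
    spends backend effort on it."""
    verdicts = []
    for req in requests:
        if not limiter.allow(req.client_ip, req.ts):
            verdicts.append((req, "rate_limited"))
        elif not baseline.conforms(req.query):
            verdicts.append((req, "bad_shape"))
        else:
            verdicts.append((req, "accepted"))
    return verdicts


def constructed_log():
    """Constructed sample traffic (documentation-range addresses)."""
    log = []
    # A normal shopper: five searches, two seconds apart.
    for i in range(5):
        log.append(ApiRequest(100.0 + 2.0 * i, "198.51.100.10", "/api/search", "laptop"))
    # A flood: thirty well-formed searches within one second from one address.
    for i in range(30):
        log.append(ApiRequest(100.0 + 0.03 * i, "203.0.113.7", "/api/search", "laptop"))
    # One query shaped to be expensive for the backend (wildcard-heavy).
    log.append(ApiRequest(101.0, "192.0.2.44", "/api/search", "*a*b*c*d*e*f*"))
    return sorted(log, key=lambda r: r.ts)


def run_demo():
    """Run the filter over the constructed log and count the verdicts."""
    limiter = SlidingWindowLimiter(limit=10, window=5.0)
    baseline = QueryBaseline()
    summary = {"accepted": 0, "rate_limited": 0, "bad_shape": 0}
    for _, verdict in filter_requests(constructed_log(), limiter, baseline):
        summary[verdict] += 1
    return summary


if __name__ == "__main__":
    print(run_demo())
```

With these thresholds the shopper's five requests and the first ten of the flood are accepted, the remaining twenty flood requests are rate-limited, and the single wildcard query is rejected by the baseline even though its address is well under the rate limit; that last case is the point of the quote, since a per-IP counter alone would have let it through.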

Nexusguard’s in-the-cloud web application security service, ClearWeb, delivers enterprise-level web protection to customers. For more details please visit http://www.nexusguard.com/

About Nexusguard
Nexusguard, incorporated in 2008, is a premium provider of end-to-end, in-the-cloud Internet Security Solutions. Nexusguard delivers solutions over the Internet to ensure that our clients enjoy uninterrupted web-service delivery to their users, by protecting them against the ever-increasing and evolving multitude of Internet threats, particularly Distributed Denial-of-Service (DDoS) attacks, and other attacks directed at web application software.

Contact Author: Ivy Wu