In one major content delivery network system’s firewall metrics, Local File Inclusion attacks surpassed XSS and SQLi attacks
Through analysis of application-layer alerts on traffic seen through Akamai Technologies, Inc’s. web-application firewall — including data through approximately 340,000 servers in 4,000 locations on 1,300 networks in 134 countries — a report on the state of internet security has concluded that the financial services sector in the Asia-Pacific and Japan region (APJ) continues to be the most attacked industry in the region, driven by record growth in web-application and API attacks, with a 248% increase in attacks over 2021 figures.
This growth is significantly higher than the nearly 169% growth in attacks.
The steady growth in overall APJ web-application and API attacks averaged around 10m attacks per day. Some days, the volume went above 60m.
The analysis revealed differentiated trends in web and API attack patterns across APJ’s local markets:
- The top three industries in APJ facing the greatest number of web-application and API attacks in Akamai’s 2022 data were financial services (2bn), commerce (980m), and digital media (393m).
- The top three industries in APJ facing the highest growth of attacks from 2021 to 2022 were financial services (248%), manufacturing (162%), and the public sector (139%).
- Both Australia and Japan saw the largest growth of web-application and API attacks against their financial sectors, growing at 259% and 1,635% year-over-year (YOY).
- Australia experienced patterns of persistent and consistent increases in web-application and API attacks in 2022 with several big-bang attacks, while Japan saw mostly big-bang attack types. This suggests specific verticals and organizations were being actively targeted.
- Attacks against Japan’s high-tech sector grew more than 116% YOY in 2022.
- India experienced more persistent and consistent attack campaigns focused on the retail and commerce sector, with web-application and API attacks growing almost 90% YOY in 2022. In financial services, India experienced a 56% increase in attacks YOY.
- Local File Inclusion (LFI) attacks were found to be the most common attack vector in APJ, growing around 154% YOY, surpassing XSS and SQLi attacks. This growth of LFI attacks in APJ indicates threat actors are constantly evolving their techniques and shifting targets toward consumer behavior in order to get the most return on investment.
According to Reuben Koh, Security Technology and Strategy Director (APJ), Akamai: “Cybercriminals are constantly exploiting web-applications and APIs and will continue to use new attack techniques to maximize their return on investment. The finance, manufacturing, and commerce sectors in APJ are hubs for digital innovation, and therefore, are very lucrative targets for attackers.”
Koh added that the latest threat landscape data indicates a shift toward remote code execution, with emerging attack vectors including Server-Side Request Forgery (SSRF), Server-Side Template Injections (SSTI), and Server-Side Code Injection.