Akamai Research: Web Attacks Up 33%, APIs Emerge as Primary Targets
Rhea-AI Summary
Akamai Technologies (NASDAQ: AKAM) has released its State of the Internet (SOTI) report revealing significant cybersecurity trends in 2024. The report highlights a 33% year-over-year increase in web attacks, totaling 311 billion incidents, largely driven by AI application adoption.
Key findings include:
- 150 billion API attacks documented from January 2023 through December 2024
- 94% increase in Layer 7 DDoS attacks between Q1 2023 and Q4 2024
- Monthly attack volumes rose from 500 billion to 1.1 trillion by December 2024
- Commerce sector faced over 230 billion web attacks, triple the amount of the second most targeted sector
- 32% increase in OWASP API Security Top 10-related incidents
- 30% growth in MITRE security framework alerts
Positive
- Strong market position demonstrated by processing one-third of global web traffic
- Comprehensive threat intelligence capabilities showcased through detailed attack monitoring and analysis
Negative
- Significant increase in security threats could lead to higher defensive costs for Akamai
- Growing complexity of API ecosystems presents increased vulnerability challenges
- Rising sophistication of AI-powered attacks poses escalating security challenges
News Market Reaction – AKAM
On the day this news was published, AKAM gained 2.43%, reflecting a moderate positive market reaction.
Data tracked by StockTitan Argus on the day of publication.
Surge correlates with accelerated adoption of AI-powered applications
The report also finds that APIs have emerged as primary targets, with Akamai documenting 150 billion API attacks from January 2023 through December 2024. The AI API market is growing rapidly and the integration of AI-driven tools with core platforms via APIs has substantially expanded this attack surface. The majority of AI-powered APIs are externally accessible and many rely on inadequate authentication mechanisms, a vulnerability compounded by the growing array of AI-driven attacks targeting them. Akamai notes that AI-powered APIs are even more vulnerable than their counterparts as AI fuels technical advancements for threat actors.
In addition, Akamai documents a dramatic rise in Layer 7 (application-layer) distributed denial-of-service (DDoS) attacks against web applications and APIs. Quarterly attack volumes increased
Other key findings of the report include:
- There were more than 230 billion web attacks targeting commerce organizations, making it the most impacted industry. This is nearly triple the number of attacks experienced by high technology (the second most attacked sector).
- There were 7 trillion Layer 7 DDoS attacks targeting the high technology sector from January 2023 through December 2024, making it the most affected industry.
- OWASP API Security Top 10–related incidents increased
32% , revealing authentication and authorization flaws that expose sensitive data and functionality. - Growth in security alerts related to the MITRE security framework are up
30% as attackers are using advanced techniques such as automation and AI to exploit APIs. - Shadow and zombie APIs present particularly vulnerable attack vectors within increasingly complex API ecosystems.
State of Apps and API Security 2025: How AI Is Shifting the Digital Terrain also contains a security spotlight on an API attack against an ecommerce company, an explanation of the differences between web and API attacks, regional and industry attack data, and recommended mitigation strategies. The report provides unique insights on risk scoring and technical methods that are designed to assist frontline defenders.
"AI is transforming web and API security, enhancing threat detection but also creating new challenges," said Rupesh Chokshi, Senior Vice President and General Manager of Akamai's Application Security Portfolio. "This report is a must read to understand what's driving the shift and how defenders can stay ahead with the right mitigation strategies."
This is the 11th year of Akamai's SOTI reports. The SOTI series provides expert insights on cybersecurity and web performance and is based on data gathered from our network infrastructure, which processes more than one-third of global web traffic.
About Akamai
Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense in depth to safeguard enterprise data and applications everywhere. Akamai's full-stack cloud computing solutions deliver performance and affordability on the world's most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.
Contact:
Akamai PR
akamaiPR@akamai.com
View original content to download multimedia:https://www.prnewswire.com/news-releases/akamai-research-web-attacks-up-33-apis-emerge-as-primary-targets-302433477.html
SOURCE Akamai Technologies, Inc.
FAQ
What is the percentage increase in web attacks reported by Akamai (AKAM) in 2024?
How many API attacks did Akamai (AKAM) document between 2023-2024?
What was the growth rate of Layer 7 DDoS attacks according to Akamai's 2025 report?
Which industry sector faced the most web attacks according to Akamai's 2025 SOTI report?
How much did OWASP API Security-related incidents increase in Akamai's latest report?
