This post is part of our 2023 cybersecurity predictions series.
Cequence experts Jeremy Kowalczyk, Senior Security Architect, and Aakash Tiwari, Senior Security Engineer, share their predictions for the year ahead.
Jeremy Kowalczyk, Senior Security Architect, Cequence Security
Threat actors will become more sophisticated in 2023 by leveraging the unholy trinity of application programming interface (API) attack vectors.
Historically, malicious actors targeting APIs would leverage only one of the tactics outlined by the OWASP Top 10 – a standard awareness document for developers and web application security that represents a broad consensus about the most critical security risks to web applications – for an attack.
The reality is that APIs are under attack from several different vectors. In the year ahead, we will see attackers evolve to use a combination of three different tactics – Broken User Authentication (API2), Excessive Data Exposure (API3) and Improper Assets Management (API9) – to bypass common security controls and achieve their end goal. The increased combination of these three threats indicates that attackers will be performing new levels of analysis to understand how each API works – including how they interact with one another and what the expected result will be.
Aakash Tiwari, Senior Security Engineer, Cequence Security
A major global telecom organization will face a data breach due to a shadow API.
Roughly 31%, or 5 billion, of the 16.7 billion malicious transactions in the first half of 2022 targeted unknown, unmanaged and unprotected APIs, commonly referred to as shadow APIs, making it the top attack vector. That is because shadow APIs are relatively easy for attackers to discover by analyzing an organization's exposed APIs and then simply fuzzing or modifying the values, enumerating through other API endpoints on different versions or under different hostnames to find other API variants.
In 2023, threat actors will seek to build off this momentum to exploit telecommunications companies that lack visibility into APIs due to their many sub-companies and partners. Combined with the rapid adoption of new technology that telecom companies face, a global telecom organization will experience a major data breach thanks to a shadow API that impacts millions of users’ information and results in subsequent breaches.