Cequence Security has released its"2023 Holiday Season API Security Report." The comprehensive report delves into the evolving tactics of threat actors, revealing a shift towards a more nuanced and extended approach to cyberattacks, designed to blend with legitimate traffic and evade detection in the lead-up to peak holiday shopping periods.
Developed by the CQ Prime Threat Research Team, the report draws insights from actual anonymized traffic and attack data gathered from Cequence's impressive customer base, which includes Fortune 500 and Global 2000 companies. The data, sampled from billions of transactions, primarily focuses on Cequence's retail clients during the months preceding the 2023 holiday season. The CQ Prime team meticulously identified and categorized active threats, with the resulting threat intelligence forming a critical foundation for Cequence's products, enabling effective mitigation and blocking to safeguard customers' businesses.
William Glazier, Director of Threat Research at Cequence, emphasized the report's eye-opening findings, stating, "The 2023 holiday season exposed a chilling reality:
cybercriminals are employing increasingly sophisticated attack methods and meticulously planning months in advance to exploit vulnerabilities. This long-term approach allows them to target unprepared retailers and unsuspecting customers, particularly during peak shopping periods. This shift underscores the urgent need for heightened vigilance and proactive security measures throughout the year."
Key highlights from the report include:
Pre-Holiday Cyber Onslaught: In the latter half of 2023, gift card fraud surged by 110%, while scraping, loyalty card fraud, and payment card fraud collectively witnessed an astonishing average increase of over 700%. Attackers strategically laid the groundwork for holiday sale attacks in anticipation of heightened retailer security.
Rising Threat of Trust-Building Account Takeovers: Retailers experienced a staggering 410-fold increase in account takeovers (ATOs) in the second half of the analysis period (September – November 2023).
Surge of Automated Line-Jumpers: The report uncovered large-scale automated additions of products to shopping carts, leading to volumetric system flooding. These malicious activities aimed to monopolize the market, preventing legitimate customers from making purchases.
With cyber attackers constantly fine-tuning their tactics and expanding their arsenal, Cequence's report underscores the critical need for a comprehensive, historical threat intelligence database and an expert team capable of deciphering the rapidly evolving API threat landscape. The data reveals that Cequence detected malicious traffic from 719 million unique IP addresses and 325 million malicious login attempts across its entire customer base from June to November 2023, underscoring the scale of today's threats.
Glazier added, "To combat sophisticated threats targeting APIs, today's organizations must fortify their defenses with a holistic security approach that safeguards their APIs throughout their entire lifecycle. This includes discovering and cataloging all APIs, ensuring rigorous adherence to industry standards, and deploying advanced threat detection and mitigation tools to defend against attacks."
Cequence Security's report serves as a crucial resource for organizations looking to stay ahead of evolving cyber threats and bolster their API security measures in an ever-changing digital landscape.