Wangsu Security 2022 Web Security Observation Report: APIs Become the Number One Attack Target; DDoS and Bot Attacks Multiply
On June 30, Wangsu Science&Technology's sub-brand Wangsu Security held the 2022 Internet Security Report Conference online, officially releasing the 2022 Web Security Observation Report (hereinafter the Report), the Zero Trust Security White Paper, and the SASE (Secure Access Service Edge) White Paper.
It is reported that this conference is the first in the network security industry to be hosted by a virtual digital human. It used Wangsu Science&Technology's one-stop virtual digital human livestreaming product, Wangsu Virtual Live, bridging the virtual and the real and presenting the public with a new interpretation of security trends.
At the meeting, Lv Shibiao, vice president and chief security officer of Wangsu Science&Technology, pointed out that the Report shows the threat to web security becoming increasingly serious, mainly in six respects: first, high-risk web vulnerabilities continue to break out; second, APIs have become the top attack target of gray- and black-market groups; third, DDoS attacks have doubled and Tbps-scale attacks have become the norm; fourth, Bot attacks have multiplied and automated attacks have grown in intensity; fifth, the risk of online business fraud has risen significantly; sixth, diverse threats keep emerging, and new security protection solutions are urgently needed.
Specifically, in 2022 the Wangsu security platform detected a total of 27 million exploitation attempts against various variants of the Log4Shell vulnerability, while a large number of new high-risk vulnerabilities, such as the Apache Finalact path traversal vulnerability, OpenSSL security vulnerabilities and SQLite input validation vulnerabilities, continued to emerge. For the first time, the proportion of attacks targeting APIs exceeded 50%, reaching 58.4%, making APIs the top target of black-market attacks.
In Lv Shibiao's analysis, the core reason is that enterprises are unclear about the current state of their API assets: unknown zombie APIs and shadow APIs exist, and large amounts of sensitive data are exposed through APIs, leaving attackers an entry point. At the same time, API requests carry no context and the cost of attack is low; attackers can obtain data or carry out attacks through simple network requests.
In terms of DDoS attacks, the Report shows that in 2022 DDoS attacks occurred an average of 439,200 times per day, a year-on-year increase of 103.8%. Tbps-scale DDoS attacks were frequent, and the highest attack peak of the year reached 2.09 Tbps. The current attack scale has far exceeded the protection capability of a single data center; operators, large public clouds, and distributed CDN and edge computing vendors have become the main force in defending against large-scale DDoS attacks.
Bot attacks continue to multiply. In 2022, Bot attacks occurred at an average of approximately 5,175 per second, 1.93 times the volume of 2021 and 4.5 times that of 2020. Bot attack techniques have become more covert: beyond forging normal User-Agent strings or using automation frameworks that simulate normal browsers, attackers now simulate human behavior to evade mature Bot detection, further increasing the difficulty of defense.
It is worth noting that, with the widespread use of APIs across online businesses, links involving transactions and sensitive account operations have drawn the attention of gray- and black-market groups, sharply increasing the risk of online business fraud. The Report found that these groups have become highly mature, committing business fraud through large numbers of automated and scripted methods that run through the entire online business scenario. In registration, login and marketing scenarios, automated attacks account for over 50%.
In addition, web security threats are becoming more diverse: 87% of web services encountered two or more types of threat, and 65% encountered three or more. Traditional WAFs struggle to cover such diverse threats, and the industry urgently needs to upgrade its security defenses.
In response, Lv Shibiao further pointed out that every link, from the client, to the traffic-side perimeter, to the first kilometer of user access, needs corresponding protection capabilities. In terms of depth, this means integrated protection across layers 3 to 7. At present, cloud WAAP is recognized as the preferred choice.
WAAP stands for Web Application and API Protection. According to Gartner's definition, WAAP is a next-generation web security solution that integrates DDoS protection, WAF, Bot management and API protection, delivering infrastructure protection, web application protection, API management and protection, and the management of automated tools and defense against the threats they pose.
It is reported that Wangsu Security released the country's first security acceleration solution in 2017, integrating CDN acceleration, DDoS protection and WAF. It subsequently added Bot management and API management and protection capabilities, achieving full-stack WAAP capability.
Earlier, Wangsu Security was the first in the industry to pass the "WAAP Security Capability Assessment" conducted by the China Academy of Information and Communications Technology (CAICT). In addition, according to the international research firm IDC, Wangsu Security ranked fifth with a 5.4% market share in the "IDC Market Share: China Public Cloud Anti-DDoS Market Share, 2022" report, the only non-public-cloud vendor in the top five. In IDC's "China Cloud Web Application Firewall Market Share, 2022" report, Wangsu Security also ranked in the top five with a 5.3% market share.
"At present, from state-owned banks to large central enterprises to multinational enterprises, customers are widely adopting Wangsu Security's integrated full-stack WAAP security system," said Lv Shibiao.
It is understood that this Report marks the seventh consecutive year in which Wangsu Security has published professional security reports. It is derived from in-depth mining and analysis, by Wangsu's security laboratory, of monitoring data from Wangsu's global edge computing and edge security platform. Relying on more than 200,000 servers and 2,800 nodes deployed worldwide, the Wangsu platform serves 80% of Chinese internet users, handles trillions of requests per day, has captured over 3 billion attack and defense samples, and has an overall protection capacity exceeding 15 Tbps.