Top
image credit: Pixabay

How API attacks work, and how to identify and prevent them

In early May, fitness company Peloton announced that it had exposed customer account data on the internet. Anyone could access users’ account data from Peloton’s servers, even if the users set their account profiles as private. The cause: a faulty API that permitted unauthenticated requests.

Application programming interfaces (APIs) allow for easy machine-to-machine communication. API use has seen explosive growth lately. According to Akamai, API communications now account for more than 83% of all internet traffic.

They’re also the cause of a lot of security issues. In addition to Peloton, other companies in the news recently for API-related cybersecurity problems include Equifax, Instagram, Facebook, Amazon and Paypal.

Read More on CSO Online