While T-Mobile has claimed that the attackers weren’t able to access users’ payment card information, passwords, driver’s licenses, government IDs or social security numbers, the information that was harvested provides ample material to conduct social engineering attacks. This is important because logging can be sidestepped - as was the case with a vulnerability in AWS’ APIs that allowed attackers to bypass CloudTrail logging. “As more organizations are moving data to the cloud, API security becomes even more pertinent with distributed systems,” Doman said.ĭoman notes that organizations looking to insulate themselves from incidents like T-Mobile experienced need to have “proper visibility” into API access and activity beyond traditional logging.
“Unauthorized API access can be extremely difficult for organizations to monitor and investigate - especially for enterprise companies - due to the sheer volume of them,” said Chris Doman, CTO and cofounder of Cado Security. Unfortunately, upgrading to up-to-date solutions is easier said than done. In addition, just a month ago, hackers exposed the account and email addresses of 235 million Twitter users after exploiting an API vulnerability originally shipped in June 2021, which was later patched.Īs threat actors look to exploit APIs more often, organizations can’t afford to rely on legacy cybersecurity solutions to protect this vast attack surface. These predictions appear to be accurate, with research showing that 53% of security and engineering professionals reported their organizations experienced a data breach of a network or app due to compromised API tokens.
0 kommentar(er)
