In addition to API attacks, server-side template injections (SSTIs) also gained popularity in 2022.

A study by Akamai shows that attacks on applications and APIs will increase by 137 percent by 2022. As more companies turn to web applications and APIs to increase the user experience for customers, this is an important observation. Local File Inclusion (LFI) remains the leading attack vector, growing at 193 percent annually.

Attention is also paid to SSTI, a technique where hackers exploit vulnerabilities such as Log4Shell and Spring4Shell. These pose a significant risk to organizations as such attacks result in remote code execution and data exfiltration.

Server-Side Request Forgery (SSRF) is another emerging trend highlighted by Akamai. This attack vector poses a threat to many organizations. The service saw an average of 14 million SSRF attempts against customer web applications per day through 2022.

Other numbers in the survey show that healthcare is increasingly being targeted. The number of attacks increased by 82 percent in 2022, also thanks to the strong growth of the “Internet of Medical Things”, the medical IoT. They greatly expand the attack surface that hackers like to have.

The manufacturing industry also saw a 76 percent increase in attacks over the past year. Again, the main culprit is the IoT and the massive amount of data being generated there.