Are you ready for the Zombie API Attack?

Buguardian
Oct 6, 2021

The next-generation web application firewall Buguardian WAF has advanced machine learning technology to identify companies’ shadow APIs and mitigate security breaches through APIs. Buguardian WAF not only improves the security of your infrastructure but also makes life easier for web developers.

APIs that enable communication between your web applications and other applications are an important segment of the security discipline. Some APIs live outside of IT governance and security processes. Because these APIs are invisible, security teams do not know what data and applications they can access. Because they are not documented, they pose significant security and governance risks to organizations. Shadow APIs allow hackers to steal valuable data or threaten enterprise applications. Zombie APIs are a subset of shadow APIs.

People create shadow APIs for different needs. A developer in a hurry to finish a new project may write a shadow API as a shortcut to make the job more manageable.

Sometimes, one or more managed APIs are copied and used to support other services, and the copy is ‘forgotten’ there as long as it works. At the end of the day, an attacker gains access to outdated API connections. Hackers are highly adept at finding unpatched old API versions, and from there they can hijack various accounts.

On the other hand, zombie APIs are a type of API that aims to damage the institution or data in its life cycle or is accidentally executed.

High security risks

Shadow APIs are covered in the OWASP API Security Top 10 under API9:2019 Improper Assets Management. These APIs pose numerous risks. For example, Facebook sends a 10-digit number string via mobile phone to authorize users who forget their password. After a while, the Facebook security team realized that this would pose a threat. The security team then stopped sending a password to the user after ten attempts to request one, in case hackers who constantly request a password were testing the six-digit combination. However, another problem then arose: developers had copied the original API for some different web services in the past. The problems that arose were resolved over time. In short, it is always possible for shadow APIs to cause problems. For this reason, the use of APIs in companies requires careful management. Applications such as Buguardian WAF can detect such problems early and ensure that security measures are taken.

100 million PII stolen

In another case, at an Indian company, an attacker who discovered an old API still working in the system changed the version number of the new API. With this method, the attacker accessed the less secure legacy API and obtained personally identifiable information (PII) of more than 100 million people, such as usernames, emails, phone numbers, addresses, gender, date of birth, photos, and work history. Subsequent investigations revealed that the old API had been running quietly at this company for four years without being noticed.
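A forgotten version like the one in this case can be spotted from access logs by comparing what actually answers against the documented inventory. The following Python sketch is an added example, not code from Buguardian or from the original article; the inventory format, the log lines and all paths are constructed assumptions, and the "zombie" and "shadow" labels are this example's mapping for retired and undocumented endpoints.

```python
import re
from collections import Counter

# Constructed inventory (assumption): (method, path template) -> lifecycle status.
INVENTORY = {
    ("GET", "/api/v3/users/{id}"): "active",
    ("POST", "/api/v3/password-reset"): "active",
    ("GET", "/api/v1/users/{id}"): "retired",  # old version, should no longer answer
}

# Constructed access-log lines (common log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [06/Oct/2021:10:00:01 +0000] "GET /api/v3/users/1001 HTTP/1.1" 200 512
203.0.113.7 - - [06/Oct/2021:10:00:02 +0000] "GET /api/v1/users/1001 HTTP/1.1" 200 2048
198.51.100.4 - - [06/Oct/2021:10:01:00 +0000] "POST /api/v2/password-reset HTTP/1.1" 200 64
198.51.100.4 - - [06/Oct/2021:10:01:05 +0000] "GET /api/v0/users/7 HTTP/1.1" 404 0
"""

LINE_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def template_to_regex(template):
    """Turn '/api/v3/users/{id}' into a regex matching one path segment per {param}."""
    parts = re.split(r"\{[^}]+\}", template)
    return re.compile("^" + "[^/]+".join(re.escape(p) for p in parts) + "$")

def classify(method, path, inventory):
    """Return (status, template) from the inventory, or ('undocumented', None)."""
    path = path.split("?", 1)[0]  # ignore the query string
    for (m, template), status in inventory.items():
        if m == method and template_to_regex(template).match(path):
            return status, template
    return "undocumented", None

def find_findings(log_text, inventory):
    """Count 2xx responses served by retired (zombie) or undocumented (shadow) endpoints."""
    findings = Counter()
    for line in log_text.splitlines():
        hit = LINE_RE.search(line)
        if not hit or not hit["status"].startswith("2"):
            continue  # only endpoints that actually answered are of interest
        status, template = classify(hit["method"], hit["path"], inventory)
        if status == "retired":
            findings[("zombie", hit["method"], template)] += 1
        elif status == "undocumented":
            findings[("shadow", hit["method"], hit["path"].split("?", 1)[0])] += 1
    return findings

if __name__ == "__main__":
    print(dict(find_findings(SAMPLE_LOG, INVENTORY)))
```

Each finding is a route that returned a successful response although the inventory marks it retired or does not list it at all, which is the condition that went unnoticed for four years in the case above.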

Buguardian WAF API automates the creation of API documentation and builds an inventory of live APIs. It ensures that every change made is reflected in the documents. When a new API version is released, it provides a comprehensive analysis of the old API and documents its status: is it updated, terminated, and so on?

Ask Buguardian for more information to keep your web applications free from shadow and zombie API risk.
