Skip to main content

AI Transformation at Risk: APIs Emerge as the Primary Attack Surface, Akamai Research Finds

Written by Customer Service on . Posted in Public Companies.

Cybercriminals follow enterprise AI investment, exploiting APIs as the fastest path to scale, disruption, and profit

CAMBRIDGE, Mass., March 17, 2026 (GLOBE NEWSWIRE)Akamai (NASDAQ: AKAM) today released its 2026 Apps, APIs, and DDoS State of the Internet (SOTI) report, highlighting a decisive shift in the threat landscape. Attackers are now industrializing their methods and targeting the infrastructure that fuels business growth and AI transformation.

As organizations accelerate AI adoption, APIs — long overlooked as a point of vulnerability — have become the primary attack surface. Akamai researchers have observed attacks evolve into coordinated campaigns that consistently blend API abuse, web application attacks, and Layer 7 DDoS activity into scalable, cost-efficient operations to disrupt availability and drive financial impact. Wherever investment concentrates, risk follows. APIs have become the foundation of AI transformation, and securing AI means securing APIs.

The report data underscores the scale of this industrialization:

  • Layer 7 DDoS attacks surged 104% over the past two years.
  • 87% of surveyed organizations reported experiencing an API-related security incident in 2025.
  • Web application attacks rose sharply, climbing 73% between 2023 and 2025.
  • The average number of daily API attacks rose 113% year over year.

“Attackers increasingly focus on degrading performance, driving up infrastructure costs, and exploiting AI-driven automation at scale, rather than seeking headline-grabbing campaigns,” said Patrick Sullivan, CTO of Security Strategy at Akamai. “Automation and AI are making these sophisticated campaigns cheap, repeatable, and fast. And as enterprises invest heavily in AI transformation, attackers are targeting the APIs that power that transformation.”

The report also finds that application and API security are now inseparable, though many organizations still manage them as distinct challenges. Treating them as separate problems creates visibility gaps that attackers need to successfully exploit them as a single attack vector.

Additional key findings include:

  • “Vibe coding” is introducing new vulnerabilities and misconfigurations that often reach production without adequate testing.
  • Hacktivist-driven DDoS activity continues to rise as politically motivated actors adapt to shifting global tensions and the increasing availability of rentable botnets.
  • The 104% spike in Layer 7 DDoS attacks is fueled by easy access to botnets through DDoS-for-hire services and AI-enabled attack scripts that simplify targeting of APIs and web applications.
  • “Super botnets” such as Aisuru and Kimwolf, evolved from Mirai’s original architecture, now power DDoS as a service (DDoSaaS) ecosystems used by both cybercriminal and hacktivist groups.

The 2026 Apps, APIs, and DDoS SOTI report also includes a deep dive on regional attack trends, expert insight into the economics of modern internet attacks, and a guest column that explores defenses against emerging agentic AI threats, along with practical mitigation strategies.

Now in their 12th year, Akamai’s SOTI reports continue to offer critical insights on cybersecurity trends and web performance, drawn from attacks viewed across Akamai’s cybersecurity protective infrastructure, which handles a significant portion of global web traffic.

To learn more, please stop by Akamai’s booth N-6245 at this year’s RSA Conference.

About Akamai

Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense in depth to safeguard enterprise data and applications everywhere. Akamai’s full-stack cloud computing solutions deliver performance and affordability on the world’s most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.

Contacts
Akamai Media Relations
akamaipr@akamai.com

Disclaimer & Cookie Notice

Welcome to GOLDEA services for Professionals

Before you continue, please confirm the following:

Professional advisers only

I am a professional adviser and would like to visit the GOLDEA CAPITAL for Professionals website.

Important Notice for Investors:

The services and products offered by Goldalea Capital Ltd. are intended exclusively for professional market participants as defined by applicable laws and regulations. This typically includes institutional investors, qualified investors, and high-net-worth individuals who have sufficient knowledge, experience, resources, and independence to assess the risks of trading on their own.

No Investment Advice:

The information, analyses, and market data provided are for general information purposes only and do not constitute individual investment advice. They should not be construed as a basis for investment decisions and do not take into account the specific investment objectives, financial situation, or individual needs of any recipient.

High Risks:

Trading in financial instruments is associated with significant risks and may result in the complete loss of the invested capital. Goldalea Capital Ltd. accepts no liability for losses incurred as a result of the use of the information provided or the execution of transactions.

Sole Responsibility:

The decision to invest or not to invest is solely the responsibility of the investor. Investors should obtain comprehensive information about the risks involved before making any investment decision and, if necessary, seek independent advice.

No Guarantees:

Goldalea Capital Ltd. makes no warranties or representations as to the accuracy, completeness, or timeliness of the information provided. Markets are subject to constant change, and past performance is not a reliable indicator of future results.

Regional Restrictions:

The services offered by Goldalea Capital Ltd. may not be available to all persons or in all countries. It is the responsibility of the investor to ensure that they are authorized to use the services offered.

Please note: This disclaimer is for general information purposes only and does not replace individual legal or tax advice.