back Back

Public-facing applications and APIs are the most common targets of cyberattacks

By Puja Sharma

June 11, 2024

  • APIs
  • Cybersecurity in AI
  • Data Breaches

Cybersecurity spotlight: risks lurking behind public-facing applications

These applications, ranging from websites to APIs and web services, serve as the digital storefronts of organisations, providing essential services and information to users worldwide

Today, public-facing applications play a pivotal role in enabling businesses to interact with customers, partners, and stakeholders. These applications, ranging from websites to APIs and web services, serve as the digital storefronts of organisations, providing essential services and information to users worldwide. But in its latest Incident Response report, Kaspersky found that public-facing applications remain the most common attack vector used by cybercriminals to infiltrate a victim’s system. In light of these findings, the cybersecurity experts are issuing guidelines to help businesses using these applications to remain cyber-resilient.

According to the latest Kaspersky Incident Response report 2023, compromising public-facing applications remained the most common method of cyberattacks, and one third of these applications were attacked via known vulnerabilities. It’s also noteworthy that over half of these vulnerabilities were discovered in 2021 and 2022. This initial vector was found in 42.37% of cases.

Following these alarming statistics, Kaspersky is unveiling its findings regarding the cybersecurity risks of public-facing applications that organizations must be aware of.

Understanding public-facing applications

Public-facing applications are software applications or services accessible to external users over the internet. Unlike internal-facing applications, which are typically used by employees within an organization’s network, public-facing applications are designed to be accessed by anyone with an internet connection. These applications serve various purposes, including e-commerce platforms, customer portals, social media networks, and online banking systems, among others.

The cybersecurity dangers

Given their critical role in digital business operations, public-facing applications are often targeted by cybercriminals due to their exposure to the internet. Here are some of the cybersecurity dangers associated with public-facing applications:

  • Data breaches. Public-facing applications often store sensitive information such as customer data, payment details, and intellectual property. A successful cyberattack on these applications can lead to data breaches, resulting in the exposure of confidential information and financial losses.
  • Malware infections. Cybercriminals may inject malware into public-facing applications to compromise user devices or steal sensitive information. Malicious codes hidden within web pages can infect users’ devices when accessed, leading to unauthorized access to data or financial fraud.
  • Phishing attacks. Public-facing applications are prime targets for phishing attacks, where cybercriminals attempt to trick users into revealing sensitive information such as login credentials or financial details. Phishing attacks conducted via email, fake websites, or social media links can exploit vulnerabilities in public-facing applications to deceive unsuspecting users.
  • DDoS attacks. Cybercriminals may launch DDoS attacks against public-facing applications to disrupt their availability and deny service to legitimate users. By flooding the application’s servers with traffic, DDoS attacks can overwhelm the infrastructure, causing downtime and financial losses for organizations.
  • SQL injection and cross-site scripting (XSS). Vulnerabilities such as SQL injection and cross-site scripting can be exploited by cybercriminals to manipulate or steal data from public-facing applications. These attacks target the underlying code of web applications, allowing attackers to execute arbitrary commands or inject malicious scripts into web pages.

By understanding the cybersecurity risks associated with public-facing applications and implementing proactive security measures, organizations can enhance their resilience against cyberthreats, and safeguard their digital assets and reputation in today’s interconnected world.

Previous Article

June 11, 2024

Fundiin joins forces with Vietnam’s National Credit Information Center

Read More
Next Article

June 11, 2024

5 UK FinTech startups on track to gain unicorn status in 2024

Read More

IBSi Daily News Analysis


June 20, 2024


Why predictive AI is a critical necessity in the field of cybersecurity

Read More

IBSi FinTech Journal

  • Most trusted FinTech journal since 1991
  • Digital monthly issue
  • 60+ pages of research, analysis, interviews, opinions, and rankings
  • Global coverage
Subscribe Now

Other Related News


The Deep dive: Open Banking Vs BNPL

Read More

June 19, 2024

RBI announces completion of fourth regulatory sandbox cohort on financial fraud prevention

Read More

June 18, 2024

Finbourne Technology raises $55m to drive global expansion

Read More

Related Reports

Sales League Table Report 2023
Know More
Global Digital Banking Vendor & Landscape Report Q1 2024
Global Digital Banking Vendor & Landscape Report Q1 2024
Know More
Wealth Management & Private Banking Systems Report Q1 2024
Wealth Management & Private Banking Systems Report Q1 2024
Know More
IBSi Spectrum Report: Supply Chain Finance Platforms Q4 2023
Know More
Treasury & Capital Markets Systems Report Q1 2024
Know More

IBSi Sales League Table

The industry acknowledged barometer of global banking technology vendor performance!
Get your copy now!
Get your copy now! IBSi Sales League Table 2023