As businesses increasingly deploy web applications, they have exposed themselves to new cybersecurity vulnerabilities. According to the 2024 Verizon Data Breach Investigations Report, web applications are the primary vector for ransomware and extortion attacks and were used in 80 percent of incidents and 60 percent of breaches. 

 Why web applications? These apps often have vulnerabilities or configuration errors and may contain valuable information like personal and financial data. Earlier Barracuda research shows that 40 percent of IT professionals involved in ethical hacking believe web application attacks are among the most lucrative for cybercriminals, and 55 percent say the same for APIs.  

This increase in web application attacks signifies a lasting shift, not just a temporary trend. According to a recent Global Threat Analysis Report, in 2023, the total malicious web application and API transactions rose by 171 percent, primarily via layer 7 encrypted web application attacks, with attackers primarily targeting misconfigurations.

This aligns with data from Barracuda’s Application Security system, which found in December 2023 that 30 percent of all attacks against web applications targeted security misconfigurations (such as coding and implementation error), while 21 percent involved SQL code injection. Additional tactics used by attackers included cross-site scripting (XSS) and cross-site request forgery (CSRF). These tactics enable attackers to steal data or manipulate the victim into unintended actions. 

Smarter attacks, smarter defenses with AI

An emerging and alarming trend has been the use of artificial intelligence (AI) to improve the success rate of attacks. 

Cybercriminals determined early on the potential for AI to help create more convincing phishing emails and other content that can easily fool potential victims. Attackers can produce personalized and contextually relevant messages that improve their chances of success. AI makes it easier for attackers to spoof authentic email addresses, analyze publicly available data to tailor attacks, and replicate the communication patterns of familiar contacts to help trick recipients. AI also eliminates many telltale signs of fake content, like misspellings and grammatical errors.

Attackers have also used AI tools, for example, to bypass security measures and enhance tactics like injection attacks and cross-site scripting. With tools (like EvilGPT), even inexperienced attackers can create successful zero-day attacks by auto-generating malicious attachments and dynamic malware payloads. AI-powered botnets have improved the effectiveness of distributed denial-of-service (DDoS) attacks by amplifying their impact while reducing the need for human involvement and accelerating breach rates. 

However, AI is not just a tool used by attackers. For MSPs, AI can play an essential role in identifying attacks, enabling faster response times, and improving mitigation. According to Barracuda’s research, roughly half (46 percent) of organizations surveyed say they already use AI in cybersecurity, and 43 percent plan to implement AI in the future. 

For MSPs and resellers, there are several key features to emphasize when it comes to AI-enabled security:

• AI-based security solutions can quickly analyze large datasets to identify new threats and correlate signals across multiple attack surfaces
• AI-driven machine learning algorithms use threat detection and intelligence to detect irregularities such as unusual network traffic or user behavior, suspicious activities, and abnormal access patterns
• While AI can help create more convincing phishing emails, AI analysis also makes detecting unusual messaging behavior, deviations, and email content easier
• Natural language-based query builders can extract pertinent data and deliver targeted, personalized security awareness training to individual users and entire organizations
• AI can also create automated responses and alerts to improve attack and breach mitigation. It also helps human analysts sort and prioritize alerts efficiently and accurately.

Layer AI into robust security practices

As businesses increasingly adopt web applications, these platforms have become prime targets for ransomware and extortion. Cybercriminals are developing new and advanced methods to exploit AI and other technologies to enhance their attack success rates against these applications. As a result, cybersecurity vendors and MSPs face a growing challenge in preventing such attacks.

The silver lining in this gathering cloud is that security teams can turn AI against potential attacks through more efficient threat detection, real-time incident response, and comprehensive security training. Yet, AI-based security is not an end unto itself. People still play the most critical role in maintaining good security posture for MSPs and their clients because human error is still the leading cause of most security breaches. This is why layering AI into robust security training practices will remain the best way to provide confidence in security technology. 

MSPs should act now to help their clients stay ahead of cyber threats by assessing the organization’s web application security posture, while also encouraging investments in AI-driven security solutions and robust training programs to ensure the organization is prepared to identify and respond to potential threats. 

Anthony Bryce is Senior Director of Product Management at Barracuda Networks, where he is responsible for Application and Network Security product groups. Connect with Anthony on LinkedIn.