Report finds financial services most targeted by DDoS attacks for 2 years
A recent report by Akamai Technologies has revealed that the financial services sector remains the most frequently targeted industry for Layer 3 and 4 distributed denial-of-service (DDoS) attacks for the second consecutive year.
The report, 'Navigating the Rising Tide: Attack Trends in Financial Services,' provides an extensive analysis of cyber threats facing the financial sector.
According to the report, financial services account for 34% of DDoS attacks, followed by the gaming industry at 18% and the high technology sector at 15%.
The financial institutions are attractive targets due to the vast amounts of sensitive data and high-value transactions they manage. Layer 3 and Layer 4 DDoS attacks specifically target the network and transport layers, causing significant disruptions by overwhelming network infrastructure and exhausting server resources and bandwidth. Successful DDoS attacks can severely affect customer trust, lead to downtime, and result in regulatory penalties.
The report attributes the rise in DDoS events to ongoing geopolitical tensions, which have spurred a surge in hacktivist activities. Known threat actors, including REvil, BlackCat (ALPHV), Anonymous Sudan, KillNet, and NoName057, have been particularly active in these activities, often related to the Russia-Ukraine conflict and the Israel-Hamas conflict.
Other significant findings of the report include the financial services sector being the most affected by brand impersonation and abuse, accounting for 36% of such instances. Commerce follows as the second most targeted sector at 26%. Phishing is the predominant form of counterfeit domain activity targeting financial services, making up 68% of recorded instances, while brand impersonation accounts for 24%. The report also noted a sharp increase in Layer 7 DDoS attacks targeting applications via APIs, with a particular concern being the presence of undocumented "shadow APIs" that information security teams may have overlooked. These unsecured APIs can be exploited by attackers to exfiltrate data, bypass authentication controls, or perform disruptive acts.
Steve Winterfeld, Advisory CISO at Akamai, commented on the significance of these findings, stating, "Cybercrime poses a significant threat to the financial services sector as it causes widespread disruption and serious economic damage."
"This report is designed specifically to help financial services cybersecurity professionals around the globe understand the increasingly complex threat landscape and best practices to protect customers."
The report also highlighted the unique cybersecurity challenges faced in the Asia Pacific and Japan (APJ) region. APJ has received the highest median threat score for phishing attacks against financial institutions, largely due to the region's rapid digitalisation in banking and relatively low awareness of phishing dangers.
The financial services sector in APJ is more vulnerable compared to Europe and America, primarily due to high digitisation and active social media use, which opens more avenues for phishing and impersonation attacks.
Reuben Koh, Director of Security Technology and Strategy at Akamai for APJ, discussed the region's challenges.
"Financial institutions in APJ face a trifecta of challenges in today's landscape such as safeguarding assets and data, ensuring compliance, and staying ahead of innovation to educate customers on the latest phishing and scam tactics," he said.
"Traditional security mechanisms often fall short in detecting sophisticated threats like ransomware and API abuse, underscoring the need for modern AI-powered security technologies to better protect the organisation, meet new regulatory standards and protect customer trust."
Koh emphasised the importance of Chief Information Security Officers making informed decisions on automation, delegation, and outsourcing to ensure scalable security solutions.
The "Navigating the Rising Tide: Attack Trends in Financial Services" report includes a guest column from FS-ISAC, a case study on credential stuffing attacks, and sections on Zero Trust and microsegmentation. It also provides mitigation strategies for defending against DDoS attacks, offering valuable insights for cybersecurity professionals.
This year marks the 10th anniversary of Akamai's State of the Internet (SOTI) reports, which have been crucial in providing expert insights into cybersecurity and web performance landscapes based on data gathered from Akamai Connected Cloud.